Username and Password

CSI encrypts passwords both through SSL and traditional access methods. In addition, all passwords are stored on the server in an encrypted fashion. Usernames must be unique within your company’s Intranet.  Passwords will be blank the first time the user accesses the site. A blank password will force the user to enter a new password during the first visit.

If a user forgets his/her password, the Site Administrator or a user with User Add/Change rights (see the User Security section of this chapter) can edit the user’s profile and select the Change Password option. This will prompt the administrator to create a new password for the user. The user can then sign in with the newly-created password and once again change his/her own password to something that is unique to him/her.

           

All passwords must be at least eight characters in length and alphanumeric.

After a defined number of incorrect login attempts (set by your Site Administrator; see the Advanced Administration section of this manual),a user’s account is automatically locked. To reinstate the account, if the user does not have a Secret Question, the Site Administrator or a user with User Add/Change rights must unlock the account. This is done by going to the user’s profile and selecting Unlock Account from the User Detail dropdown menu. A confirmation box will immediately appear letting you know that the account has been unlocked.

         

Users have the option of creating a secret question in the event that they enter their password incorrectly for the defined number of attempts.  To set the secret question, the user (or Site Administrator or user with User Add/Change rights) can go to his/her profile and select Edit Main Details from the User Detail dropdown menu. Type the Secret Question and Secret Answer in the blank text boxes provided and click the Update Information button at the bottom of the screen.

         
Once the secret question/answer information is updated, the system can prompt users to enter the answer to their secret question after they have exceeded the number of incorrect login attempts. Click the “Click here to unlock your account” link at the top of the Login box.

Enter the established answer to your secret question in the blank text box and click Unlock.


If answered correctly, your account will immediately be unlocked and allow you more attempts at entering your password.

If a user does not access the CSI Secure Connect site for a period of ninety days, or another frequency defined by the Site Administrator under the Menu dropdown (Menu>Configure Site>Advanced Administration> Options; see the Advanced Administration section of this manual),the user’s access is automatically suspended.  The site administrator must then re-establish access by unchecking the Disable Account check box on the user’s profile.

Note:  As a default, the session established during the log in process will expire after four hours of inactivity. If a user wishes to close the session at any time during the four hour time frame, he/she can simply close the browser window, and the session will be terminated.