Click the Password Requirements Configuration link under Common Tasks in Facility Information to access the Password Maintenance screen.
Password Maintenance settings are configurable:
Password Settings Apply to: Selecting ‘Workstation Password’ will only enforce complexity requirements on users’ workstation password. Selecting ‘Both’ will enforce complexity on the password and kiosk PIN.
Passwords Must Contain: The following are required characters in all workstation passwords: upper case letter, lower case letter, number.
Symbols are accepted, but not required. Passwords must NOT contain three or more consecutive identical characters (111, Aaa, Bbb, etc.)
Minimum Length: Passwords must be at least 8 characters.
Maximum Length: Passwords can be a maximum of 30 characters
Password Expires: This is the number of days a password can be used before it must be changed. Workstation passwords must be changed at a minimum of every 90 days. Default is set to 90 days.
Password Change Notification: This field represents the number of days staff are alerted BEFORE their password is set to expire. Default is set to 14 days.
Enforce Password History: This is the number of historical passwords that cannot be reused. Default value is set to 5.
Account Lockout Threshold: This is the minimum number of unsuccessful login attempts before a user is locked out of the application. If a user is locked out of the system it will require a CareTracker Administrator to Unlock their account from the Staff Maintenance screen. The user’s Workstation Password can then be reset.
NOTE: Users who have a locked Workstation Account can still log into the Kiosk using their PIN.
Forgot Password: There is a ‘Forgot Password?’ link on the CareTracker login screen that can be accessed if a user forgets their password. The user must enter their username and domain to receive instructions for resetting their password.
Email Password Retrieval: This setting allows users to reset a forgotten password through an automated email link. If a user forgets their password, an email is sent to the address that is saved in their staff account. The link in the email may only be used to reset a password once. It also can only be requested once every 24 hours.
If a user forgets their password after requesting a reset email within a 24 hour period, they need to see a CareTracker Administrator to manually reset their password through Staff Maintenance.
Enforce Email Domain Policy: This field will require that all email addresses entered into Staff Maintenance will have the domain specified in the Email Domain field. NOTE: The ‘@’ symbol is not required in this field. The domain for ‘Nurse@Email.com’ would be ’Email.com’
Default Retrieval Message: If staff members are not using Email Password Retrievals, this is the message will display for staff who have forgotten their password directing them to the appropriate person to reset.
Default Message: Please contact your CareTracker Administrator to reset your password. If you are unable to reach your CareTracker Administrator, please contact Client Care at 866-459-3382 for assistance.