‍

‍Overview

Keeping aligned with security best practices to ensure the safety of your data, we are removing the “Never Expires” option for the password duration settings on the password you use to sign into KUBRA.

Clients who had previously chosen this option will now be moved to the maximum available duration of 365 days. All users who were on the “never expires” option will now be required to change their password by March 1, 2023 which will become the new annual expiry date (365 days).

Example:

• User A’s password was set to never expire.
• User A’s password was updated to the 365 day expiry limit on March 1, 2022
• User A’s existing password will now expire on March 1, 2023

Please Note: Clients will have the option to select a lesser duration if that would better fit their security requirements. This functionality is available in the Security Settings Popup under the User Administration Menu.

Reminder

As a reminder, in accordance with the communication sent out in June 2021, all password strength settings have been changed to HIGH.

Please note:

• There will be no changes to existing passwords in the system.
• Clients will only be required to enter a new password that meets the new security requirements the next time they are required to change their password.
• Clients using a third-party IDP are not affected by these changes.

Implementation Notes

Release Format:

Automatic - This feature will be automatically activated.  No configuration or retrofit required.

Automatic Impact:

Medium Impact - this feature will impact the normal day-to-day activities of users as the feature will engage without user input when activated, however there is more than sufficient time to prepare.