Upcoming product change: Replicon passwords will soon be required to meet minimum complexity rules

  • 1
  • Announcement
  • Updated 6 months ago
  • (Edited)
On February 1, we’ll be enabling the Must Have Strength Rating of at Least Good password security option for all Replicon users.

This means that, whenever a non-SSO user changes their password on or after February 1, their new password will require a ‘Good’ or better rating on our complexity scale.



To ensure passwords are updated, on February 28, we’ll enable the Force password change on next login option in user profiles for any users who have not yet changed their passwords. Users will need to update their password before they can access their account.

Replicon will disable the accounts of any users who have not updated their passwords by March 28.

For more details on this change, please refer to How the new Replicon password complexity requirement will impact you.

Why are you enabling this option for everyone?

Your Replicon instance almost certainly includes sensitive information, such as billing data, payroll data, employee details, or other confidential information.

Employee login is a potential weak link in security, and using complex passwords is a gold-standard in protecting access to your system.

We take your data’s security very seriously, which is why we’re making complex passwords the default.

What do we need to do?

You can make this process simpler by encouraging all employees to update their passwords before February 28.

You might want to enable the Force password change on next login option yourself before that date, so you can guide any users who need assistance on your own schedule.

Can we change this setting once it’s enabled?

The Must Have Strength Rating of at Least Good setting will remain configurable in Replicon. However, we strongly recommend that you leave this option enabled, to help protect your system and data.

If you do disable this option after we’ve enabled it, we won’t enable the Force password change on next login option or disable accounts in your system.

What complexity rules do passwords have to meet?

A password’s complexity is based on several factors, including:

  • Number of characters (‘Good’ passwords often use 8 or more)
  • Use of numbers or special characters (it helps to include one or more)
  • Use of common passwords or repeating sequences (avoid these)
When users create new passwords, tips for making passwords more complex display under the New Password field.




How do we reset passwords?

Users can reset their own passwords by following these instructions. Administrators can update passwords for users by following these instructions.

What if we need help or have more questions?

Please contact Replicon Support if you need help resetting passwords, if you encounter login issues, or if you have more questions. Or, you can post questions in our community.
Photo of Paula Tannahill

Paula Tannahill, Technical Writer

  • 256 Posts
  • 1 Reply Like

Posted 6 months ago

  • 1
Photo of Slee, Mike

Slee, Mike

  • 1 Post
  • 0 Reply Likes
Well this is by far the worst password system I've ever encountered. I've had to create a completely forgettable password to get through the new password reset. My password here is now harder to manage than it is for both my personal bank accounts. This is a simple timesheet system, not a highly confidential/high secure system. Hate it