Enforcement of Password Rules In 5.20.33+ Releases of ASPIRE

Enforcement of Password Rules In 5.20.33+ Releases of ASPIRE

Beginning in the 5.20.33 release of ASPIRE the Password Rules and Account Rules settings configured under Administration -> Account Security are now enforced upon every login session to the system. This includes users configured in the system that have been designated to authenticate requests via the ASPIRE API. In previous versions of ASPIRE users could be configured prior to the configuration of Account Security without the system requiring them to be updated upon next login if they didn't conform to the newly established settings.

Upon upgrading to the 5.20.33 release of ASPIRE or any subsequent version, user account passwords may expire or require reset if they were previously created with credentials that do not meet the configured Account Security requirements. This includes users designated to authenticate requests via the ASPIRE API. If credentials are not updated user accounts will be denied access upon login or the initiation of an API request until they have been updated to conform to the configured Account Security Requirements.

An example of this scenario is as follows:

 1.       A user has been configured in the past in a version below 5.20.33 with password rules configured as follows:

 

 2.       User's password meets default settings:



 3.       Password rules are changed after this user had been established:



 4.       ASPIRE is upgraded to later release that now enforces password rules upon all logins or API requests:



 5.       User’s password doesn’t conform to the new password rules or is older than the maximum age setting so it must be updated upon login and system requires it to be updated:


 
 


    • Related Articles

    • How to build a new User in ASPIRE v5

      See Attachment for detailed information on each step BASICS:   1.  Build a new Account 2.  Fill out the Login screens for that user, which will assign them to an existing Security Profile 3.  If the user needs to be able to process  Payments, ...
    • NACHA File Format and NACHA Rules

      See attached documents for complete details.  The attached documents cover all aspects of the NACHA file format and 2010 NACHA Operating Rules.
    • ASPIRE Help and ASPIRE API Help Online

      Click here for the latest ASPIRE v5 Help Click here for the latest ASPIRE API Help Use these credentials for both sites.    Username: lti       Password: @spire4u
    • ASPIRE API Help

      Click here for the latest ASPIRE API Help Use these credentials.    Username: lti       Password: @spire4u
    • ASPIRE Logical Architecture

      See attached document for complete details.  LTi Technology Solutions, a Microsoft Gold Partner (representing the highest level of competence and expertise with Microsoft technologies), chose the Microsoft .NET Framework (currently version 4.7.2) as ...