BrassRing 24-hour Password Reset Wait Time VS the BrassRing Lockout Period

Answer

The BrassRing user password policy was updated to ensure the strictest compliance standards are being met. In order to meet these security policies IBM implemented the 24-hour password reset wait time and the lockout period. Below are the definitions of what each mean.

24-hour Password Reset Wait Time:
Once a password has been reset, the user will not be able to reset the password again for a 24-hour period.

Lockout Period:
Users who are unsuccessful in entering their correct password after three consecutive tries are locked out of the system for up to 60 minutes. Clients can determine the lockout period for their organization. The lockout period options are intervals of 10 minutes up to 60 minutes. A message will appear telling the user to try back when the lockout period has expired.

Troubleshooting Steps:
Client contacts with PowerUser access into Workbench, or Global Support Center agents, can review what may be occurring with the user’s access.

Workbench > Tools > Users > Administer BrassRing Users > Find the user and click to View user details.


On this page you can see:
· The last time the user logged in.
· The number of failed login attempts; which can tell us if the user is locked out of BrassRing or not.
· The amount of time their profile is locked for, along with how long your organizations has chosen to lock the profile after the failed login attempts.
· The last date their password was changed.
· How often your organization has chosen to have the users update their passwords.
· The last date a Password Reset Email was sent to the user.
· If the 24-hour wait has been enabled.


Scenarios, Troubleshooting Tips, and Notes:

Scenario 1: User attempts to login multiple times but is unsuccessful. (They have not attempted to use the forgot password option.)
Troubleshooting/Resolution: Look up the user in Workbench and see that the user is locked out of BrassRing. (Their profile shows a date and time in the “DateTime of Inactivity” field.) To resolve this issue, the user must wait until their profile is unlocked. (The time they must wait is shown in the same field on the profile.) Once the profile is unlocked they may attempt to log in again.

Scenario 2: User resets their password via the forgot password option. They then tried to login with the new password but was unsuccessful. The user selected the forgot password option a second time, thinking they could attempt to reset their password again, but receives the message “You have attempted to change your password twice within a 24hr period. For your security, password changes are only allowed once per day. Please wait 24hrs to reset your password again.”.
Troubleshooting/Resolution: Look up the user in Workbench and see on the profile that the 24 Hour wait setting is on because the user has already reset their password. To resolve this issue, notify the user that they are not able to change their password again for 24 hours (starting from the last date/time the password reset email was sent). The user can still attempt to log into BrassRing with their new password. This issue only restricts the user from changing their password again within the 24-hour window.

Scenario 3: User resets their password via the forgot password option. They then tried to login with the new password too many times and as a result, their profile gets locked. The user selects the forgot password option a second time, thinking they could attempt to reset their password again, but receives the message “You have attempted to change your password twice within a 24hr period. For your security, password changes are only allowed once per day. Please wait 24hrs to reset your password again.”.
Troubleshooting/Resolution: Look up the user in Workbench and see on the profile that the 24 Hour wait setting is on (because the user has already reset their password) AND the user profile is locked. To resolve this issue, notify the user that they need to wait until their profile is unlocked (the lockout time is defined on the profile view page), and let them know that they cannot attempt to reset their password again for 24 hours (starting from the last date/time the password reset email was sent). Once the lockout period has passed, the user may attempt to login again with their new password.

There is no manual way to reset passwords or override the password reset wait time at this time.

If your user is not receiving the forgot password emails you may want to try:
1. Update the user’s email address (on their user profile) to your own and then use the forgot password option to send the email to yourself.
2. Have the user check their spam and junk folders.
3. Check with your IT team to make sure the emails are not getting blocked at an email server/firewall level.

When submitting password reset issues to the Global Support Center, please provide the following:
1. User’s name
2. User’s email address
3. User’s username
4. What system the user is attempting to log into