Setting password expiration for Notes IDs
For users who access the service with the IBM® Notes® client, you can specify when Notes ID passwords expire. This password expiration does not apply to web users because they log in using their web login password rather than a Notes ID password.
Before you begin
About this task
If users click Password must be changed by field does not show the password expiration date.
, thePerform the following procedure to set password expiration for Notes IDs.
Procedure
- Log on to the service as an administrator.
- If your account also has the User role, click .
- In the System Settings section of the navigation pane, click IBM SmartCloud Notes and then click Account Settings.
- Click Password Management
- Click Enable password expiration for IBM Notes clients.
- Enter the number of days a password can be used before it expires. The minimum value for this setting is 30 days; the maximum is 3650 days.
Results
- When password expiration is first enabled, the passwords of all current users expire on a random basis after the expiration period, regardless of when the passwords were last changed. For example, if the expiration period is 90 days, all current users are prompted to change their passwords on a random basis when first authenticating after the 90-day expiration period.
- The passwords of new users also expire on a random basis after the expiration period.
- Users who are logged in when this setting becomes effective are not prompted to change the password during the current login session.
- Users might experience a lag time of a few seconds between the time they change their password and authentication. This lag occurs while the updated ID is synchronizing with the vault. If the synchronization does not complete, authentication can fail. In that case, users can wait a few minutes, and then try again. If the synchronization continues to fail and the user cannot access the client, reset the Notes ID using SmartCloud Notes Administration.
What to do next
- There is no warning that informs them that their password is about to expire.
- How often they will be prompted to reset their passwords.
- What to do if authentication fails after they change their passwords.