Regularly changing passwords is an important part of online security, so it’s a best practice to allow users to reset their own passwords. The necessary steps to enable this feature will differ, however, depending on where passwords are stored. This article will help you to see all of the options available for allowing users to reset their passwords based on authorization source.
In this Article
Step 1: Determine the authorization source
To check where a user's password is stored in Constituent Manager, go to Constituent Manager > Settings > Constituent Roles.
- Choose a specific role, then select General Settings. Check the Authorization listing at the bottom of the window to find out where the passwords for members of that role are stored.
Determining Authorization Source
- Are the passwords stored within Finalsite? Go to Passwords for Finalsite-only users to learn more.
- Are the passwords stored in a third-party integration database? Go to Integrated database users for more information.
- Do users belong to multiple roles, such as Parent and Faculty? You may have passwords stored in different systems.
- Is a single user assigned to more than one role with at least one of those roles is authenticated against an integrated database? They are Integrated database users.
- Are passwords for all of their roles stored in Finalsite? They are Finalsite-only users.
Step 2: Go to the source to make configurations
Source: Constituent Manager for Finalsite authorization
For users to be allowed to reset their own passwords, a site admin must enable the setting for each role. Here's how to set this up:
- Go to Constituent Manager > Settings > Constituent Roles.
- Choose the role, then go to the General Settings tab.
- Select the checkbox next to Enable self-updating of passwords.
- Repeat this process for each role authorized within Finalsite.
- Ensure that your Login page is configured to display the “Forgot password?” link and any instructions you want users to see.
Important Note
If a user is both a site admin and a portal user (and those accounts are linked), then resetting their portal account password will also reset their site admin password, and vice-versa, even if the portal account is set to a role that is not allowed to self-update passwords.
Whenever Finalsite-only site users forget their passwords, they can click the Forgot Password? link on the login page. The user will receive an email with a password-reset link in it; that link takes the user to a page where they can create a new password.
Troubleshoot: Receiving Password Reset Emails
- Password reset emails are sent to a user's primary email address, whatever address is set as “Primary” in their Constituent Manager profile.
- If multiple users share an email address, the email that's generated will have password reset links for all of the users associated with that email address.
- Not receiving the password reset email? Go to "Troubleshoot: User not receiving password reset email" for help on what to do next.
The link they receive is time-sensitive and will expire after 24 hours. If the user hasn't clicked the password reset link in their email and reset their password within that time, they'll have to click "Forgot password?" again to generate a new email with a new link.
Source: Third-party system for integrated database users
Users whose passwords are stored in integrated databases cannot use the Finalsite password-reset tool. Instead, they should use the password-reset functionality built into the integrated database system.
Best Practice
Put a custom note on the Login page explaining how to do this. You can also add a message in the “Forgot Password?” email.
If you don’t already have an integration set up, learn more about what integrations are and see a list of available options.
Comments
Please Sign in to leave a comment if you don't see the comment box below.