OVERVIEW
This release introduces some notable changes to our password policies, bringing you more flexibility and improved experience.
ENHANCEMENTS AND CHANGES
Ability to Opt-Out from the 90-Day Password Expiry Requirement
You can now choose to opt out of the 90-day password expiry policy that was enforced in compliance with the PCI requirement. However, the opt-out option is available only if the Multi-Factor Authentication (MFA) feature is enabled. This is to ensure that PCI compliance is met either through password expiry policy or MFA.
To learn about the features in detail, see Manage Your Neto Account and Multi-Factor Authentication (MFA).
We added a new option Password expiry policy on the Manage account page. You’ll notice the option remains unavailable if the MFA option is disabled.
Once you enable the MFA option, the Password expiry policy becomes editable. You can choose to disable the Password expiry policy or enable it along with MFA for additional security.
To opt out of the Password expiry policy, click the Opt-out Password Expiry button, then in the Opt-out password policy dialog box, enter your password to authenticate yourself and click Opt Out.
Reverted Password Length Requirement for My Account Portal
Earlier this year, to comply with the PCI requirements, the password length requirement was increased to 12 characters for both the Control Panel and shoppers' My Account portal. However, recognizing the impact on shoppers and realizing that the webstore login does not require the same level of security, we have separated the Webstore requirements from the Control Panel requirements. The password length requirement for the My Account webstore portal is now changed back to 8 characters.
The password requirements for shoppers' My Account webstore portal are:
- Must be 8 characters long.
- Must contain at least 1 upper case, 1 lower case, and 1 number.
