This web version 15.1 was released on August 13, 2024.
Enhancements
- Improved web security by expiring old web sessions on all desktop devices after a user has changed their password to prevent an attacker from exploiting older credentials or session IDs for authorization. Previously only the local web session on a desktop device was terminated. Out of scope in this change:
- Mobile devices sessions remain unaffected.
- Does not apply when a user changes their expired password.
- We now have closed some gaps to enforce a 10 character minimum on all front end password changes. Coming soon:
- Enforcing a list of blacklisted terms such as the user’s name, email or organization name.
- Password validations on mobile devices
- API enhancements when setting temporary passwords for username employees being imported into eCompliance. We now reject passwords that are under 10 characters long, or contain part of the user's name, email, username, or company name.
For information on how frontline employees can reset their own password after logging into eCompliance, read this article - How do I change my password? – Support (ecompliance.com)
For information on how an Admin can reset the password for another employee click here - How Do I Reset an Employees Password? – Support (ecompliance.com)
What to do if you forget your password, check out this article - What to do I do when I've forgotten my password? – Support (ecompliance.com)
Comments
0 comments
Article is closed for comments.