Resetting a person's password or login ID
In BMC Helix ITSM, you can reset a password in several ways depending on your permissions and your role.
You can reset passwords from different locations depending on your permissions and the screen mode :
Location of password reset functionality | Permissions and BMC Helix ITSM state of use |
|---|---|
Password field on the Login/Access Details tab of the People form |
|
Reset Password link in Application Administration Console | Administrators and permission groups with Security permission. Password rules are not enforced on reset password, but they are enforced when target users are forced to change their password on the next logon. |
Change Password link on the People (Search) or People (Modify) form when an individual is changing their own password | Any user with permission to modify People records. Password rules are enforced on the changed password. Individuals are not forced to change their password on the next logon. |
Change password link on the AR System home page | Any user with permission to modify People records. Password rules are enforced on the changed password. Individuals are not forced to change their password on the next logon. |
To reset a password from Application Administration Console
Use this method if you are an Administrator or in a permission group with Security permission. Administrators and those with Security permission can change the password for any individual.
- From Application Administration Console, click the Custom Configuration tab.
- From the Application Settings list, choose Foundation > People > Reset Password, and then click Open.
The Password Reset dialog box is displayed. - In the Login ID field, enter the login ID of the person whose password you want to change and press Enter. The rest of the fields are populated with the corresponding people data and the Password field is activated.
- Enter the new password.
- Click OK and then click Close.
If the Enforce Policy and Restrictions setting in the AR System Use Password Management Configuration form is turned on, the next time the individual logs on they are prompted to change their password, which must adhere to the password guidelines. For more information about the AR System User Password Management Configuration form, see Changing-a-user-login-ID-by-using-the-Data-Wizard-Console.
To remove a person's login ID
When a person leaves a company or moves to a role within a company that does not require access to BMC Helix ITSM, you can remove that person's login ID. However, you cannot remove the login ID of a support staff person.
To perform this function, you must have the Contact Organization Admin or Contact Support Admin permission.
- From Application Administration Console, click the Custom Configuration tab.
- From the Application Settings list, choose Foundation > People > People, and then click Open. The People form appears.
- Search for the person, and then select the person with the login ID to remove.
- In the navigation pane, choose Other Functions > Remove Login ID.
To perform this function, you must have the Contact Organization Admin or Contact Support Admin permission.
You are prompted to confirm and the login ID is removed.
Password guidelines
Password guidelines force users to choose a combination of characters and numbers that make it more difficult for people to guess another user's password.
The Enforce Policy and Restrictions setting in the User Password Management Configuration form determines whether password guidelines are used for BMC Helix ITSM. These guidelines can be further customized from the default Health Insurance Portability and Accountability Act (HIPAA) guidelines by the AR System administrator. For example, after passwords have been reset, users might be forced to change their passwords the next time they log on. Check with your AR System administrator for information about your site's password guidelines. For more information about configuring AR System password guidelines, see Enforcing a password policy for BMC Helix Innovation Suite.
The default password guidelines, which follow the HIPAA guidelines, are as follows:
- Blank passwords are not allowed
- The password cannot match the login name
- Leading and trailing whitespaces in the password are omitted
- Whitespaces within the password text are retained
- The old password cannot be used when changing the password
- The password cannot be a dictionary word, which is achieved by the following rules:
- Must be a minimum of eight alphanumeric characters
- Must include at least one uppercase alphabetic character
- Must include at least one lowercase alphabetic character
- Must include at least one non-alphanumeric (special) character (for example, #, !, +, %)
Other default restrictions include:
- The administrator or an individual with Security permission must be able to change the password at any time.
- Users (except for the administrator and the individual user) cannot change the password. This is accomplished through the Dynamic Group Access field (ID 60988) on the User form.
- The account is disabled if the user has not changed the password after the number of days specified in the Days after force change until disablement" field in the AR System User Password Management Configuration form.