Password expiration standards for RE/NXT

The 6 character minimum password and lack of enforcement on expiring passwords are of concern to us.  It would be ideal to either adjust the standards up or to be able to configure the standards that users are subject to.

  • Guest
  • Feb 25 2016
  • Attach files
  • Melissa Graves commented
    October 01, 2019 16:59

    It is silly that this suggestion even needs to exist. Even sillier that nearly 4 years have passed and it has not been implemented.

  • Rivki Raphaelson commented
    May 30, 2018 18:01

    The password standards have now been increased to 8 characters but there is still no expiration. (https://kb.blackbaud.com/articles/Article/43647) It would be best if system admins had control over password standards for their organizations. For example our organization policy is to have 8+ with special char, number, upper, and lower case. I have no way to enforce this and have to rely on my users complying on their own. It would also be great if I could require 2 step authentication for our users. Now that we have our donor data protected by the same password in NXT, I think we need to have this decision in our court. 

  • Jen Claudy commented
    March 01, 2016 20:08

    This becomes bigger than NXT, as it's really your Blackbaud.com account that you use to sign in with.  At the very least, it would be nice to be able to set a reminder to users to change their password (with a link directly to the page where that is done), and let the DBA/System Admin set the timing on that.  Our computers at my org are on a 90 day cycle, so every 90 days, I have to change my computer password and at that same time, I just update everything across the board, even though not all of the systems require or even remind/recommend that it be changed.