Passwords: Policies and Resets

Password policies are configurable options that can be unique to each subscription. The default setting on each subscription are such that:

• Passwords will not expire.
• Passwords must be at least 8 characters in length.
• A minimum of 2 of the following rules must be utilized:
  • At least one lower case letter (a-z)
  • At least one upper case letter (A-Z)
  • At least one number (0-9)
  • At least one special character (~!@#$%^&*()_+`-={}|[]\:Ó;Õ<>?,./)

To modify these options, subscription administrators can go to Setup > Subscription > Actions > Edit Subscription. This will bring up an editor allowing modification of the three fields pertaining to this functionality:

• Password Expiration checkbox and Number of Days field: Determines whether user passwords should expire after a set period of time. Checking the Enable box requires that a number be specified in the related Days field. Valid values are between 1 and 365.
• Minimum Password Length: The number of characters required in user passwords. Valid values are between 8 and 254.
• Required Password Rules: The number of rules (listed above) that must be adhered to when creating a password. Valid values are between 1 and 4.

Automatic Resets

Anyone can use the “Forgot your password?” link available on the main Rally login page and enter a username to initiate a password reset email for that individual. This notification will be sent to the email address associated with their account that contains a link allowing them to select and confirm a new password for their login.

Manual Resets

Users can reset their own passwords at any time by going to Setup > Profile > Edit Profile where there will be text boxes for entering their old password, setting and confirming a new password.

Administrative Resets

Workspace & subscription administrators can request a password reset email be sent to a user by going to Setup > Users and choosing the edit option for the individual. There will be a check box option listed next to the Did this user forget their password? field, that can be enabled to initiate this process upon selecting Save & Close.

Alternatively, subscription administrators can override the automatic email reset process temporarily by disabling email functionality to let them manually update their users' passwords.

To do this go to Setup > Subscription > Actions > Edit Subscription and uncheck the box for Email Functionality. Once done, they can then go to Setup > Users > Edit User and set the password for these individuals.

Please note that while email functionality is disabled, notification rule emails would not be initiated. The updates covered by these items would still be visible via the My Home > Dashboard > My Notifications panel.