Why Am I Now Prompted to Change My Password in The Raiser’s Edge?

Posted by to Blackbaud Europe on December 28th, 2011

We introduced several changes in The Raiser’s Edge 7.91 to comply with PCI and PA-DSS requirements. One of the changes for PCI compliance affects users’ passwords.

In this version of The Raiser’s Edge, the password becomes more complex. Passwords must now be between 8 and 10 characters, can contain numbers and letters, and must include at least 1 capital letter.

Examples of compliant passwords:                       Examples of non-compliant passwords:
Jamseyboy                                                                jameseyboy (no capital letter)
FRTeam27                                                                FRTeam (less than 8 characters)
P@ssword                                                                p@ssword (no capital letter)
patriciAt                                                                   patriciAthomas (more than 10 characters)

Also, in line with PCI compliance requirements, we have introduced a new option where, by default, passwords expire every 90 days and users will receive a notification 10 days before their passwords expire.

The option to force users to change their passwords can be disabled if, for example, you do not process credit cards in The Raiser’s Edge and therefore do not store credit card numbers.

Where to find this option in The Raiser’s Edge 7.91:
The option to enable/disable password expiration is available via Config, Business Rules, System Access Options. System Access Options is new to 7.91 and the timeout option shows as follows.

 

When the option is unmarked, then password expiration is disabled and users will not be prompted to change their passwords in The Raiser’s Edge.

When the option is marked, passwords will expire every 90 days though the number of days and the notify period on this screen can be changed, if required.

When users receive the notification that their passwords will expire in X days (where X is the number of days until it expires), they can change their passwords before they actually expire by logging into The Raiser’s Edge and selecting Edit on the toolbar, then Change Password on the drop-down menu. See How to change a user’s password for more information.

If users wait until their passwords actually expire, then the first time they log in after they have expired, the users will be prompted to change their passwords immediately. Please see Password Requirements in The Raiser’s Edge 7.91 for more information.

To keep up with us on Twitter, follow @bbsupport; we use the hashtag #bbre when we discuss The Raiser’s Edge. Take a look at our Twitter Guide to learn more.




Previous:

Next: