Update Password on Expiry

🎯 Purpose

Handles the mandatory password update that is enforced when a user's password has expired, ensuring the expired credential is replaced while preserving the user's session where system configuration allows it.

🕐 Password Expiry Detection

⏰ Expiry Check Process

  • Trigger Point: Password expiry checked after successful user authentication
  • Detection Logic: System compares password creation/update date with expiry policy
  • Policy Source: Expiry duration configured in Module Config Management
  • Configuration Path: Common-Configs module → PasswordExpiry configuration

📅 Expiry Duration Management

  • Configurable Period: Password validity duration set by administrators
  • Typical Ranges: 30, 60, 90 days, or custom durations
  • User Warning: System may provide advance warning before expiry
  • Immediate Enforcement: Expired passwords trigger mandatory update flow

🔄 Password Update Flow

🚨 Expiry Screen Presentation

  • Trigger: User sees "Update Password on Expiry" screen after successful authentication
  • Timing: Displayed when expired password detected post-authentication
  • User Action Required: User cannot proceed without updating password
  • Clear Messaging: Explanation of why password update is required

🔒 Password Update Process

  1. Current Password Entry: User may need to re-enter current password for verification
  2. New Password Creation: User creates new password meeting current policy requirements
  3. Password Confirmation: New password entered twice for verification
  4. Policy Validation: System validates new password against complexity rules
  5. Storage Update: New password hash replaces expired password
  6. Expiry Reset: Password expiry date updated based on new creation time

⚙️ Session Management Configuration

🔧 Configuration Parameter

  • Location: GM → Module Management → Blaze Adapter → sdk.app.settings
  • Parameter: TERMINATE_SESSION_ON_PASS_CHANGE_FLOW
  • Purpose: Controls user session behavior after password update

📊 Configuration Options

Configuration Value | Session Behavior | User Experience | Use Case
["NONE"] | Session continues | User remains logged in | Default, user-friendly
["ALL"] | Session terminates | User must re-authenticate | High security environments

🔄 Session Continuation ("NONE")

  • Behavior: User session maintained after password update
  • User Experience: Seamless transition, no additional login required
  • Security Impact: Convenience prioritized, session integrity maintained
  • Default Setting: System ships with this configuration

🔒 Session Termination ("ALL")

  • Behavior: User session terminated after password update
  • User Experience: User must complete full re-authentication
  • Security Impact: Maximum security, forces fresh authentication with new password
  • Use Case: High-security environments requiring re-authentication
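The following Python module is an added example, not code from the product or this page, showing the six-step update process above together with the session handling selected by TERMINATE_SESSION_ON_PASS_CHANGE_FLOW. The expiry period, the complexity rule, the PBKDF2 hashing, the user record and the fixed clock are all constructed assumptions; only the configuration names and the ["NONE"]/["ALL"] values come from the page.

```python
import hashlib, hmac, os
from dataclasses import dataclass
from datetime import datetime, timedelta
PASSWORD_EXPIRY_DAYS = 90                         # constructed stand-in for Common-Configs -> PasswordExpiry
TERMINATE_SESSION_ON_PASS_CHANGE_FLOW = ["NONE"]  # constructed stand-in for sdk.app.settings; ["ALL"] ends the session
NOW = datetime(2024, 6, 1)                        # fixed clock so the example is reproducible

@dataclass
class User:
    username: str
    salt: bytes
    pw_hash: bytes
    password_updated_at: datetime  # expiry is measured from this timestamp
    session_id: str = ""           # empty string means no active session

def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def make_user(username: str, password: str, days_since_update: int) -> User:
    salt = os.urandom(16)
    return User(username, salt, hash_password(password, salt),
                NOW - timedelta(days=days_since_update), "sess-1")

def password_expired(user: User, now: datetime = NOW) -> bool:
    return now - user.password_updated_at >= timedelta(days=PASSWORD_EXPIRY_DAYS)

def post_auth_next_step(user: User, now: datetime = NOW) -> str:
    # Called only after successful authentication, as the detection logic above states
    return "UPDATE_PASSWORD_ON_EXPIRY" if password_expired(user, now) else "HOME"

def meets_policy(pw: str) -> bool:  # assumed complexity rule, not the product's
    return len(pw) >= 12 and any(c.isupper() for c in pw) and any(c.isdigit() for c in pw)

def update_password_on_expiry(user: User, current: str, new: str, confirm: str,
                              terminate=TERMINATE_SESSION_ON_PASS_CHANGE_FLOW) -> str:
    # Steps 1-4: verify current password, confirmation match, policy and reuse
    if not hmac.compare_digest(hash_password(current, user.salt), user.pw_hash):
        return "CURRENT_PASSWORD_INVALID"
    if new != confirm:
        return "CONFIRMATION_MISMATCH"
    if not meets_policy(new) or new == current:
        return "POLICY_VIOLATION"
    # Steps 5-6: replace the hash (fresh salt) and reset the expiry clock
    user.salt = os.urandom(16)
    user.pw_hash = hash_password(new, user.salt)
    user.password_updated_at = NOW
    if "ALL" in terminate:
        user.session_id = ""  # caller must force full re-authentication
        return "REAUTHENTICATE"
    return "SESSION_CONTINUES"
```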

📊 Password Update Flow Diagram

[Diagram not reproduced: successful authentication → expiry check → "Update Password on Expiry" screen → password updated → session continues ("NONE") or session terminated and re-authentication required ("ALL")]

🎯 User Experience Considerations

✅ Smooth Transition (NONE Configuration)

  • Minimal Disruption: User continues with intended task
  • Progress Preservation: Application state maintained
  • Convenience: No additional authentication steps required
  • User Satisfaction: Reduced friction in user workflow

🔒 Security-First (ALL Configuration)

  • Fresh Authentication: Ensures the new password is tested immediately
  • Security Validation: Confirms the user can authenticate with the new credentials
  • Risk Mitigation: Prevents potential session hijacking with old credentials
  • Compliance: May be required for regulatory compliance

⚠️ Implementation Considerations

🔧 Administrator Guidance

  • Policy Alignment: Choose configuration that aligns with organizational security policy
  • User Communication: Inform users about password expiry policies and procedures
  • Testing: Validate configuration changes in test environment before production
  • Monitoring: Track password update success rates and user experience issues

👤 User Education

  • Advance Warning: Notify users of approaching password expiry
  • Clear Instructions: Provide guidance on creating compliant passwords
  • Support Resources: Ensure help desk prepared for password-related issues
  • Policy Communication: Share password policy requirements with users