Setting the password security level (Professional and Enterprise)

Have more questions? Submit a request

18 Comments

  • Todd Pauley
    Comment actions Permalink

    What are the timeouts when using Single Sign On with ADFS?

    0
  • Anna Everson
    Comment actions Permalink

    @Todd - When using SSO, sessions will expire after 8 hours.

    0
  • Todd Pauley
    Comment actions Permalink

    Perfect. Thanks Anna.

    0
  • Chris Fawley
    Comment actions Permalink

    After the 90 day expiration, can the end-user re-activate their own account or does an agent need to be involved? I want to increase security from low to high, but do not want to increase our ticket volume. Thanks.

    0
  • Anna Everson
    Comment actions Permalink

    @Chris - When a user's password expires, they will be notified when they next try to log in, then they will be forced to set a new one. No agent involvement needed!

    0
  • Chris Fawley
    Comment actions Permalink

    Perfect. Thanks!!

    0
  • Bradley Weismann
    Comment actions Permalink

    Will Light Agent's also receive the same expiration notifications?

    0
  • Jessie Schutz
    Comment actions Permalink

    Hi Bradley!

    This notification will go out to any user who has an expired password.

    0
  • David Williams
    Comment actions Permalink

    Hello

    The wording in the 'your password is about to expire' email to agents appears to be out of date so how do we update this please?

    0
  • Jessie Schutz
    Comment actions Permalink

    Hi David! Welcome to the Community!

    I'm not sure I understand your question. Can you please be more specific about what you're referring to?

    0
  • David Williams
    Comment actions Permalink

    Hello Jessie

    Many thanks indeed for responding and sincere apologies that my previous wasn't clear. 

    One of our agents received an automatically generated email from Zendesk which informed them that their login password would expire that day. The exact wording was:

    "Hello xxxx,

    Your current password is set to expire today. Please sign in to our support site as soon as possible to change your password. Once you've signed in, click the drop-down menu next to your name in the upper right and select Change password.https://organisation-name.zendesk.com

    Thank you!"

    However these instructions need updating to read something like "Once you've signed in, click the avatar icon in the upper right corner and select 'view profile'. In your user profile, open the 'Security Settings' tab and click 'Change' in the 'Password' section and follow the on-screen instructions."

    Alas I'm unable to locate the functionality to update the email text myself and I'm hoping that you will be able to assist me please?

     

    0
  • Jessie Schutz
    Comment actions Permalink

    Hey David! Thank you so much for clarifying! I see what you mean now.

    The text for the password reset email isn't customizable...it's a system message. I'll be sure to pass this on to the right team to see if they can update that. Thanks for bringing it to our attention!

    0
  • Gaëtan Tobie-Echeverria
    Comment actions Permalink

    hello,

    would be great if the custom option for Zendesk password security level could be available for the end-user tab. Is this in your roadmap ? 

    0
  • Nicole - Community Manager
    Comment actions Permalink

    Hi Gaetan,

    It is not currently in our roadmap. If you'd like to share your idea in the Support Product Feedback topic other users are more likely to see it there, comment as to whether they have a similar need, and up-vote your idea. Posts that receive a high level of engagement there are passed on to product managers for consideration.

    Thanks for sharing your ideas!

    0
  • Micha Brans
    Comment actions Permalink

    Hi,

    We have our password level set to high, however I have 1 useraccount that is used to access the API from several scripts.

    Although it is perfect that each user has to change his/hers password every 90 days, this is more problematic for this 'API-User'.

    Is there a way to mark a specific useraccount to 'password never expires'?

    Many thanks,

    Micha

    0
  • Brett - Community Manager
    Comment actions Permalink

    Hey Micha,

    These changes would be for all agents across the account, unfortunately. Have you looked into generating an API token and using that newly created token instead?

    Let me know!

    1
  • Micha Brans
    Comment actions Permalink

    Hi Brett,

    Thanks for the quick answer,

    I was already using an API key but still received several emails addressed to this API-User telling me the password would expire, so this confused me.

    Is it correct to say that, even if a password of an account has expired and/or the account has been locked, the API key for that account/user will always stay active and can be used without having to update the password every 90 days?

    Thanks,

    Micha

     

    0
  • Brett - Community Manager
    Comment actions Permalink

    Hey Micha,

    The API token will still be valid, the user would just need to reset their password to be able to log into the agent interface. If you never log in with that user, that shouldn't cause issues with your API calls as long as the token is being used.

    Let me know if the above doesn't make sense!

    0

Please sign in to leave a comment.

Powered by Zendesk