Not logged in - Login

Regenerating and Distributing Temporary Password

Password Management

Generating and Distributing Initial Passwords.

The way SIMS ID handles temporary passwords has been improved to make the distribution of new passwords both simpler and more secure. This is especially useful when bringing a larger number of new users into SIMS ID at the beginning of a new academic year or when a new service is deployed.

Generation of Temporary Passwords

Requirement

  • When a school on-boards a new year/cohort/large group of users there must be a user-friendly process for distributing the new users' Temporary Passwords.
  • Temporary passwords will now be generated following the Password Complexity rules that have been set for the user type the password is being generated for.
  • Temporary passwords will have a short life span to prevent unauthorised access.
  • There will be a simple way to bulk regenerate Temporary Passwords for users who have not already reset their password.
  • There will be an easy way to produce a list of Temporary Passwords for distribution. This list will be rendered null and void should another list be generated for the same set of users to prevent copies of the list being a source of a data breach.
  • Alternatively a password reset email can be sent if the user have a verified email address

Managing Passwords

Logged into SIMS ID as a Site Administrator Click on the User Management Tile

Now click on the Manage Users

If you administer more than one site you will need to choose the site you are wishing to administer

Now select the Password Tools tab at the top of the page

This will take you to the Unclaimed Password page. This page allows you to view all users at your site that have not yet logged into SIMS ID so you can provide the user with their initial username and password. Once a user changes their password they no longer appear on this list.

Initially, the list will not show the password, this is done for security reasons. Click on ‘Show Password’ link to show the password Click on ‘Hide Password’ to hide a password.

If you are searching for a particular user you can use the sort and search features on the page.

Sending Password Reset Emails

Instead of distributing temporary passwords SIMS ID allows you send out a password reset email to users instead.

This may be a batter solution to distribute new passwords as it prompts the user to set a password rather then being required to copy and paste the unclaimed password initially.

In order to email a password reset link a user must have a verified email address set to allow communication. See the My Profile page for more information.

Groups Selector

Use the group selector to pick the users required to send the password reset email for.

Regenerating Passwords

SIMS ID gives you a convenient way to regenerate the Temporary Passwords for groups of users who have not yet changed their passwords.

From the Unclaimed Password page click on the Regenerate Temporary Passwords Button

The Group Picker

This will launch the Group Picker screen. This screen is used to select the groups you wish to Regenerate Temporary Passwords for. The available groups depend on the groups within SIMS, where auto provisioning is used or the groups created and managed in SIMS ID.

The Group Picker is common across a number of SIM ID components.

The Group picker has the following functionality for helping to find the appropriate groups.

  1. You can change the number of results shown per page
  2. You can search for a group
  3. You can move between pages of results
  4. You can show the groups you have already selected.

To select a group click the + next to the group you want to add, this adds the group to the groups whose members temporary passwords will be regenerated. The group then disappears from the list of available groups. You can keep selecting groups until all the groups you want are selected To review the groups you have selected click the Show Selected button (number 4 on the above screen shot)

Here you can see Year 1 group has been selected.

To remove a previously selected group click the red and white X next to the group.

Regenerating the Temporary Passwords

When you have selected all the groups you wish to regenerate Temporary Passwords for click the Ok button to proceed, the Add More Groups button to add more groups or the Close button to abandon the action.

When you click OK the system will ask you to confirm your password. This is to ensure a legitimate request is being actioned.

On successfully entering the password you will be presented with a confirmation dialogue that shows how many Temporary Passwords will be regenerated.

Click Cancel to abandon or Reset to Continue

If you click Reset You will be presented with the following warning - please do not close your browser or you will have to start again.

This warning can be suppressed from future Temporary Password reset operations by ticking the box.

Please read the warning and click OK

You will then be presented with the second warning - this informs you that this process can take some time. As an indicator and not a guarantee during testing the system would reset 2,000 passwords in 8 seconds.

This warning can be suppressed from future Temporary Password reset operations by ticking the box.

Please read the warning and click OK

You may now see a progress bar indicating the progress of your request. You may not see this if you are regenerating a small number of Temporary Passwords.

When the process is complete you will be presented with a results page.

Distributing your Temporary Passwords

Once you have comopleted the regenration step above you will be presented with a results screen.

The results page contains the following information * Date and Time of Generation * Forename * Surname * Username * Filter Criteria - The group this user is a member of. In this example Year Group 1. * The Temporary Password is shown as plain text. * The Day of Birth of the user. This is provided to help distinguish between users with the same name. The full date of birth is not provided to safeguard the data should this report be mislaid.

Printing and distributing the report.

The report is designed to be printed. Press CTRL-P to bring up a print dialogue.
Once printed the report is designed to be given to a class teacher OR cut into strips and passed out to users.

This phase has the most risk from a data security perspective. The report should be stored securely. Care should be taken when issuing usernames and passwords to users. The report should be securely disposed of when the action is complete

Audit

For compliance purposes, each time the Temporary Password Regeneration process is run an audit event is recorded. A user event is also added for each person who has a Temporary Password re-generated. This can be seen in the users My Profile

FAQs

Can I reprint the Temporary Password Report??

No, once the report page has been closed you will need to regenerate the Temporary Passwords. This will not affect users who have reset their passwords.

Do Temporary Passwords expire?

Yes, Temporary Passwords expire after 28 days.

Is there a way to reset an individual password?

Yes, please see Resetting a Users Password