Skip to main content

Integrations - How to Use Username & Password for Authentication

Kristiana Trifonova
  • Updated

Introduction

In this article, we’ll run through how you can enable users to sign into their program with their email address and password. When this is enabled, users will be asked to create a password during the registration process, allowing them to sign in to the program using their chosen email address (username) and password. 

 

How to Enable Username and Password

To enable it, log into Reward Manager, click on the Integrations tab on the left, and under the Explore tab you will see Username and password

If you don’t have access please speak with your Client Success Manager or a member of the Client Support team who will assign your permissions.

Screenshot_2022-06-27_at_16.50.16.png

Select the integration and turn it “On” using the toggle button.

Screenshot_2022-06-27_at_16.51.29.pngHow Secure Is It to Enable Username and Password?

As a short answer – extremely. All passwords are secured through hashing and are never shared with the member via any method of communication. Find out more on what other security options are available in the article on Registration criteria for RG programs.

 

Other Options Available to Enhance the Security of Using Local Credentials

When setting up the integration, there are several options to enhance the security aspects of the locally held credentials. These are further explained below and could be found under Security in Reward Manager.

If you don’t have access to this, please speak with your Client Success Manager or a member of the Client Support team who will assign your permissions.

Password Requirements

All passwords must contain at least one uppercase, one lowercase, and one digit or special character. This increases the complexity of the passwords and reduces the risk of them being susceptible to attacks such as Dictionary attacks.

Screenshot_2022-06-27_at_16.57.56.png

Minimum Password Length

You can select a minimum password length for all users. The minimum is 16 characters.

Prevent Re-use

Employees cannot re-use any of their last ten passwords.  

Periodic Refresh

Employees will be prompted to change their passwords every 60 days.

Send Password Reset Instructions

Search for members and dispatch a password reset instructions email.

Screenshot_2022-06-27_at_16.58.33.png

 

How Members Can Recover Their Forgotten Passwords

If an employee has lost or forgotten their password, they can use the Account Recovery section to recover their account. The Account Recovery section can be found on the main landing page or by typing /recover after your program’s URL.
e.g. https://[YOUR_PROGRAM_URL]/recover
 

Related to

Related articles