Skip to main content

Important system message. Read More

View Alert [ close x ]
Content Starts Here
< Back

Article

Changing a Candidate or User Password as an iCIMS User Admin

Release: 16.3

View As PDF

Overview

iCIMS provides simple password reset processes for candidates and Platform users. Passwords are encrypted using secure hash algorithms. iCIMS also provides the ability for the client to select password complexity rules and other requirements (additional information on this topic is available in the Password Requirements section below).

Individuals may easily change their own passwords by following the steps in the appropriate article from the list below; these links may be shared with and accessed by candidates and Platform users:
While it is a best practice for a candidate or Platform user to manage his or her own password, iCIMS provides User Admins with the ability to update a candidate or Platform user password on behalf of that individual should the need arise. The process below describes the steps that allow a User Admin to update an individual's password from within the Platform.

Resetting a Password for a Candidate or Platform User

  1. Navigate to the correct Person Profile. Then, click the Login Tab.
  2. Click the Edit icon.
  3. Type the desired new password in the Password and Password (Re-enter) fields.
Tip: If desired, a candidate or Platform user login name may also be updated from this screen. To update the individual's login name, enter the desired new login name in the Login field.
  1. Click the Save button to confirm the change.
The new password will function immediately, but the individual will not receive a notification that the password has been updated. For password security reasons, it is recommended that individuals manage their own passwords using the simple password retrieval and change processes in the articles referenced above.

Setting Password Requirements within Your System

Password requirements for your organization's Platform may be set by your Implementation Manager or iCIMS Technical Support based on your organization's preferences.

Your user admin can also set password requirements for your organization's Portals using the settings accessed via Admin > System Configuration > Tools to Attract Candidates > Career Portals > Configure > Portal Settings > Passwords.

iCIMS recommends adopting security practices at least as strict as the following:
  • Minimum character length (8 or greater)
  • Minimum # alphabetic (1 or greater)
  • Minimum # numeric (1 or greater)
  • Minimum # lowercase (1 or greater)
  • Minimum # uppercase (1 or greater)
Additional options include:
  • Force password change periodically (Options include disabled, 30 days, 60 days, 90 days, 180 days, 365 days)
  • Enforce password history for (If enabled, options range by integer from forbidding reuse of the last single password to forbidding use of the last 10 passwords)
  • Disallowed passwords (This option allows you to specify any passwords users may not use (e.g., "password"))
Tips:
  • If password complexity requirements are changed after a user or candidate has created a password, they will be prompted to create a new password.
  • If Force Password Change Periodically is enabled for X days, the system will force users who have not changed their password in greater than or equal to X days to change their password the next time they log in. This applies to new users as well as users who created a password prior to this requirement being enabled.