How to Change Your Direct Access Password

Introduction:

This section provides the procedures for changing your password and setting up forgotten password help. You should change your system generated password the first time you use Direct-Access.

Passwords are a common form of authentication and are often the only barrier between a user and your personal information. There are several programs attackers can use to help guess or "crack" passwords, but by choosing good passwords and keeping them confidential, you can make it more difficult for an unauthorized person to access your information.

Make sure your workstation is setup to allow email from Direct-Access. Check your Junk Email Option in MS Outlook, by going to Actions>Junk E-mail>Junk E-mail Options.  Make sure the box next to "Permanently delete suspected junk Email" is NOT checked.  Then, add ucgp1pp@hostingmail.corio.com to your Safe Senders list.

Rules for Passwords:

Direct-Access passwords must be at least 9 characters long,

• at least 1 of which (any one) must be numeric and

• at least 1 of which (any one) must be a special character (e.g. ! @ # $ % ^ & * ( ) - _ = + \ |[ ] {} ; : / ? . > <).

You can create and save a password with more than 9 characters (up to 32). New passwords cannot be provided via telephone. You must use the Self Service Password Reset if you forget your password. See Password Policy for more information.

The password cannot be the same as your user ID. Your user ID never changes or expires.

Follow these guidelines when creating a new password:

• Don't use passwords that are based on personal information that can be easily accessed or guessed.

• Don't use words that can be found in any dictionary of any language.

• Develop a mnemonic for remembering complex passwords.

• Use both lowercase and capital letters (Direct Access passwords are case sensitive)

• Use a combination of letters, numbers, and special characters. (Direct Access passwords must contain at least 1 number and 1 special character).

• Use different passwords on different systems.

System Lockout:

System lockout will occur after 3 unsuccessful log in attempts.  Click the "Forgot password?" link  to request a reset and new password. If a user locks their account they will need to wait 20 minutes prior to being able to trigger the unlock email being sent by clicking on the Continue button on the Forgot Password page.  If the user clicks on the Continue button prior to the 20 minutes , the user will be sent an email stating they must wait until the 20 minutes have passed.

Expired Passwords:

Passwords will expire every 180 days. A password expiration reminder will be set to alert users 2 days before the passwords expire.  When your password expires you will be prompted to change it.

You must change your password at this time. Click the link to change your password, this will take you to your profile page.

Click the Change Password link and follow the instructions below.

To Change Your Password and Change or Setup Forgotten Password Help:

1. Locate the Enterprise Menu (bottom, left side of the window) and click the  Change My Password. Link
   
   The Change password page appears.

2. Select a security question from the drop-down list.
   

3. Enter your Response to the security question:
   

4. In the New Password edit box enter the new password.
   In the Confirm Password edit box, enter your new password again.

5. Click Change Password.
   

6. The save conformation page will display:
   
   Click the OK button to continue.

7. You will be returned to the Change Password page. Click the Home link, it is located at the top of the screen, to return to the main menu.

Using the Forgotten Password Reset:

Follow these steps if you forget your password:

1. Click the "Forgot MY Password?" link. .
   
    

2. Enter your User ID and click the Continue button.
   
   
   Note: If your account is not setup, the following error message will display:
   
   Follow the instructions in the message for assistance.
    

3. If your account is properly setup (You have entered your business email address and setup a security question and response) they system will send a password reset link via email:
   
   Check your email for the link (Note: If the message is not in your inbox, check your Junk Mail folder).
   
    

4. Follow the instructions in the email to access your password reset page.
   
    

5. Enter the response to your security question and click Submit
    

6. If you entered the correct response, the password reset page will display.
   
   
    

7. Complete the New Password and Confirm Password fields. Note: Passwords must be at least nine characters long and contain at least one number and one special character).
   Click the Change Password button.
   
   Note: The system will also send a confirmation email to alert you that your account has been changed.
    

8. Click the link to return to the portal login page.
    

9. Login with the password you set in step 6.
    

Verify the email address in your user profile:

Your business email address must be correct to use the forgotten password reset.

Follow these steps to verify the email address in your user profile:

1. Select the My Email Addresses link from self-service menu
   

2. Enter your Business Email (Note: If the business type is not listed, select it from the drop-down menu).
   Check the "Preferred Address" box.
   

3. Click the Save button.