Allowed characters and restrictions for passwords.

User passwords in Mindful Feedback must meet the following requirements:

• A minimum of 15 characters must be used.

• A maximum of 64 characters can be used.

• Passwords cannot contain three sequential digits.

• Passwords cannot contain three of the same character in a row.

• The previous 10 passwords cannot be reused.

In addition, the following controls are in place for enhanced password security:

• A maximum of three failed login attempts can be made before an account is locked out for one hour.

• Passwords will automatically expire after 180 days. Users will receive a notice via email 14 days before expiration.

• A maximum of two password resets can be performed for the same account per day.

• Passwords cannot be reset for deactivated user accounts.