User password FAQs
Password requirements and security FAQs
Password complexity requirements
The following criteria are required for user passwords in Mindful:
- A minimum of eight (8) characters
- At least one number
- At least one of the allowed special characters:
- ^ $ * . [ ] { } ( ) ? " ! @ # % & / \ , > < ' : ; | _ ~ ` = + -
- At least one uppercase and one lowercase letter
Password FAQs
Does Mindful provide the ability to reset passwords?
Yes, users can reset their password on the Account Settings page.
Does Mindful require initial and temporary passwords to be random and complex?
Yes, random temporary passwords are set automatically when new user accounts are created. A new user will receive an email containing a temporary password, and will be prompted to change it after the first login.
Does Mindful prevent users from reusing at least the previous four passwords?
No, we do not enforce this requirement when resetting passwords. For added security via restrictions on reusing passwords, we recommend integrating with an SSO identity provider.
Does Mindful require users to reset their passwords every 60 days or less?
No, we do not set any time restrictions on passwords. We will deactivate a user's account and mark it as stale after 90 days of inactivity. After 90 days, you will need to contact the Mindful Support team to reactivate a stale account.
For added security via password expiration, we recommend integrating with an SSO identity provider.