Effective December 5, 2012:
New Procedure for Unlocking Account/Forgot Password and New Password Requirements
In order to provide optimum security over the internet, the JNET User Provisioning System now requires that passwords include one special character (such as #,%, or !) in addition to being 8-15 characters in length, with at least one upper case letter, one lower case letter, and one number. Users will not have to automatically set new passwords on December 5th, but will have to update their passwords to the new standards once their current password expires. To assist users in updating their passwords, JNET has added a password strength meter in the JNET Forgot Password utility.
To simplify password and account maintenance, the “Unlock Account” link has been removed from the User Provisioning System. When a user clicks on the “Forgot Password” link, their account will be unlocked and they will have to type in their JNET user name (e.g., john.testuser). In addition the user will be presented with a new automatically generated “security code” which they will type into the provided security code box. After submitting a correct user name and security code, the user can answer their challenge questions and re-set their password.
Should the user fail to answer their challenge questions 3 consecutive times, the account will administratively lock. The user will then have to contact their JNET Registrar or the JNET help desk in order to unlock their account.
Administrative Password Reset
Should a user lock their account, their JNET Registrar may access the new Administrative Password Reset link under Administrative Tools to unlock the account. After entering the username associated with the locked account, the Registrar will verify three of the following user attributes before unlocking the account:
Date of Birth
After the user verifies three of the attributes, the system will generate a new temporary password for the Registrar to share with the user. Please note, for security reasons, you should never include both the JNET username and temporary password in an email.
A quick reference card for both the new Forgot Password utility and the Administrative Password Reset are available in the User Reference Cards section of the User Info tab on the JNET secure portal.