E10.2 password clear

I’ve been trying to clear a user password in 10.2 (our test environment) however it is not clearing the user’s password and she is not able to access our test environment.
Has something changed?
Thanks in advance!
Carol

1 Like

The new password reset process in 10.2 sends the user an email with a temporary password.

2 Likes

Like @tkoch said. Also, make sure your Company Maintenance has the “Send From” address set so you can email that temp password. Epicor has really raised their security game with 10.2.

Mark W.

2 Likes

Check in System Setup >> Security Maintenance >> Password Policy, and make sure [Allow blank password on reset] is ticked.
Regards
John

3 Likes

Although I would not recommend blank passwords from a security perspective - especially for SaaS users.

Mark W.

That’s new! So if you don’t have the e-mail set up from epicor (or you broke it on purpose in test) that means you can’t get a new password?

1 Like

I think you can still clear the password in the administration console…

Selecting to reset ask for the user email … shows the actual email if present… Pressing Ok sends it.

image

Here is the email received:

The temporary password below can be used to login to Epicor.
Rwo/tWl;uU

If you are still experiencing problems logging into the Epicor application, please contact your System Administrator.

My question is:

Can we control the email text?
1: It is only in english, we are using the application using French language.
2: The looks is not great, I would transform it using HTML tags…

So can we edit this text?

thanks

Pierre
PS we just installed 10.2 in a test env… just starting to play with it … expecting an november live install !!! :wink:

If you’re in testing mode, you can still blank out the password. As SaaS users, that’s just not cool though. Security through obscurity isn’t really security.

You CAN override the email though. So when I set up a user/password for Epicor support (because SaaS users don’t have to “send us a copy of the the database”), I change it to my email, then I login with the temp password sent to my email account then change it and send that password to the Epicor Support person.

BTW, SaaS users have a place to indicate that a user is support and we can set the account to disable after X number of days.

Mark W.

1 Like

Excellent question Pierre. That would be helpful to be able to control the language.

Mark W.

You CAN still tell your spouse that that dress makes her look bigger but that doesn’t make it a good idea. :smirk:

Mark W.

2 Likes

Well moreover…I would like to indicate to contact Pierre at extension 222 for any issues…instead of just system administrator…:relieved:

1 Like

Thank you all for the help!

Hi, just wondering if anyone knows how to change the content of the email text that is sent for a password reset. We have a dev/test/training environments and 3 different databases so it would be nice to have a custom email to not which database/environment the password reset came from.

thanks

1 Like

Just happened to be looking for options re: password reset/clear and or turning off the emailing ‘feature’ in DEV instances with no email server set intentionally (too many emailing customizations and reports defined without a unified kill switch).
However, I just saw the answer to this question in another post about altering the reset email message text here : https://www.epiusers.help/t/change-default-error-message/53029/3?u=henry_burke
Just thought to complete the circle of solution life in case someone found this post first.

1 Like