Enable password invalidation

Use the Password Invalidation node of the Configuration Manager to enable or disable the password invalidation feature. Password invalidation, when enabled, requires WebSphere Commerce users to change their password if the user's password has expired. In this case, the user is redirected to a page where they are required to change their password. Users are not able to access any secure pages on the site until they have changed their password. To enable this feature:

1. To use the password invalidation security feature, define the ChangePassword view for your store as described in Password invalidation.

2. Open the Configuration Manager.

3. Traverse to the Password Invalidation node for your instance as follows: WebSphere Commerce > node > Commerce > Instance List > instance > Instance Properties > Password Invalidation

4. To activate the password invalidation feature, click the Enable check box.

5. To apply your changes to Configuration Manager, click Apply.

6. Upon successfully updating the configuration for your instance, you will receive a message indicating a successful update.

7. Restart your WebSphere Commerce instance.

 

Related tasks

Enhancing site security