Keeping on top of and maintaining our high standards for security is one of our chief priorities. As part of the hosted email password/security initiative, we'll be resetting passwords for mailboxes with weak credentials. To provide you with control over how this is communicated to your customers, we have added new functionality to the MAC.
- How will the forced password reset work?
- What are the requirements?
- What notices will be sent?
- Customizing the notices
- Testing your customizations
How will the forced password reset work?
Users with weak mailbox passwords will be placed in a password reset state over 30 days. Within this 30-day state, three email notifications will be sent to affected users to encourage a password change that meets our requirements.
If users do not change their passwords within the 30 days, their email service will be suspended. The suspension will impact their ability to send an email via webmail or through a mail client; they will still be able to receive mail.
When logging in to webmail, customers will be redirected to the password reset page. This will encourage the customer to reset the password as they will not be able to access anything until they do so.
What are the requirements?
To ensure our overall mail security, all mailboxes are required to have a current password meeting the following requirements:
- minimum of ten characters
- at least one number
- at least one capital letter
- at least one symbol or special character
What notices will be sent?
There will be three email notices sent out; you will have full control over the three email notifications that are sent to users within the 30-days.
Initial 30-Day notice
|The first email that will be sent to affected users advising them to update their passwords.|
|The second email, reminding users to change their passwords.|
|Email Service Suspension Notice||The last email, confirming that the email service has been suspended.|
Customizing the notices
When customizing your emails, you may find it helpful to pull from our white-label content. This white-label content is different than the content of the default end-user emails sent from the MAC.
IMPORTANT: If you do not make any customizations, the emails will be sent with default email content and configurations. The default email content will be translated into the language set for the individual end-user mailbox
Customizing in the MAC
Under basic settings, there is a field called Unique password reset URL. Resellers with password portals can enter their unique URL in this field, which will be pulled into the default copy of the reset notices that are sent.
When customizing your emails in the MAC, branding will not be pulled into these emails. By default, these emails will be sent as plain text, but HTML tags to customize the look and feel of these messages can be added.
If you opt to customize the content of your end-user emails, the content you will provide will be sent to all users, regardless of their language.
- From email address
- Subject line
- Email 1 content - Initial password reset email
- Email 2 content - Suspension reminder: 2 weeks before the account is suspended
- Email 3 content - account suspended
Testing your customizations
Once you have made your customizations, you can test the emails. Once you click on the Send test emails button, enter the email address where you would like the test emails to be sent to for your review.