PayrollHero have increased our security in line with our existing policies. Below are the list of updates we’ve made on the system.
New Security Standard: Less than 2 year old passwords could not be reused
- Any password that has been used for at most 2 years could not be reused.
- This avoids passwords that could have been compromised in the past by social engineering or other means.
Employee Welcome Emails does not contain a link to set passwords.
- Since managers could no longer set password for their employees, employees now will have to set their own passwords.
- This ensures that no 3rd party person knows anybody’s password.
Only the user themselves are the ones who can set their password
- Admins would no longer be able to set passwords for their employees.
- This eliminates the a 3rd person from knowing another person’s password and impersonating them in the system.
Stricter Password Policy: Expiring Password
- Users are not allowed to log in to PayrollHero’s core app with an expired password.
- The password duration could be set at /setup/account/edit.
- This is currently by request, if you would like this to be enabled on your account, please email us at support@payrollhero.com
Password re-use prevention
- When reseting passwords, it is now ensured to not match any password used in the past 2 years.
- This helps users avoid passwords that might have been compromised in the past by social engineering.
Lockout by 6 password failed attempts
- The system now tracks how many consecutive incorrect passwords has been attempted and lock out the user forcing them to change their password.
30 minutes auto logout
- The users are now logged out automatically after 30 minutes instead of one hour.
Minimum Password Requirements
- Users are now required to use at least the following in their password:
- one lowercase letter
- one uppercase letter
- one number
- 8 characters in total for the password length
How NEW Employees can Reset their Password
Here’s a video on what your employees would get once you’ve added their profile on your PayrollHero account – Resetting the password for New Employees
How to Reset the Password?
Here’s a video to show how you can reset the password via the Login page of your PayrollHero account – Resetting the password
If you have any questions, feel free to email us at support@payrollhero.com