salesforce_security_impl_guide
salesforce_security_impl_guide
salesforce_security_impl_guide
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Configuring Salesforce Security Features<br />
Setting Password Policies<br />
Field<br />
Obscure secret answer for password resets<br />
Description<br />
This feature hides answers to <strong>security</strong> questions as you type. The<br />
default is to show the answer in plain text when you answer a<br />
<strong>security</strong> question, for example when resetting your password.<br />
Note: If your organization uses the Microsoft Input<br />
Method Editor (IME) with the input mode set to Hiragana,<br />
when you type ASCII characters they’re converted into<br />
Japanese characters in normal text fields. However, the<br />
IME does not work properly in fields with obscured text.<br />
If your organization’s users cannot properly enter their<br />
passwords or other values after enabling this feature,<br />
disable the feature.<br />
Require a minimum 1 day password lifetime<br />
When you select this option, passwords can’t be changed more<br />
than once in a 24 hour period.<br />
3. Customize the forgotten password and locked account assistance information.<br />
Note: This setting is not available for Self-Service portals, Customer Portals, or partner portals.<br />
Field<br />
Message<br />
Help link<br />
Description<br />
When set, this custom message appears in the Account Lockout<br />
email and at the bottom of the Confirm Identity screen for users<br />
resetting their passwords. You can customize it with the name<br />
of your internal help desk or a system administrator. For the<br />
lockout email, the message only appears for accounts that need<br />
an administrator to reset them. Lockouts due to time restrictions<br />
get a different system email message.<br />
If set, this link displays with the text defined in the Message<br />
field. In the Account Lockout email, the URL displays just as it is<br />
typed into the Help link field, so the user can see where<br />
the link takes them. This is a <strong>security</strong> feature because the user is<br />
not within a Salesforce organization.<br />
On the Confirm Identity password screen, the Help link<br />
URL combines with the text in the Message field to make a<br />
clickable link. Security isn’t an issue since the user is in a Salesforce<br />
organization when changing passwords.<br />
Valid protocols:<br />
• http<br />
• https<br />
• mailto:<br />
80