0

Random Password Changes

Grant Atwood 7 years ago in Staff Module updated 7 years ago 4

Multiple staff in my agency have had their passwords change inexplicably this week, myself included. Is this due to the intermittent outages with Procentive we've been experiencing lately?

Hello Grant. I cannot say for certain, but I don't believe there would be any connection between the recent performance issue, and your password problem. In this case, I think the best course of action would be for you to send us a ticket with the details and we can look into it. It would be especially useful if you could get us a staff name that is currently having the problem, before you get a chance to fix it. Then we can take a look for you and help get it resolved. Thanks!

Thank, Kevin. If the issue occurs again, we will use the ticketing system and wait to reset the passwords.

+1

Hello again, Grant.


Something popped into my mind about your password issue last night. I remembered another customer that had a similar issue. Staff passwords were "randomly" updating. Here is what I recall.


First, they were using Chrome. In the Advanced Settings of the Chrome browser, there is a section on passwords and forms, and a link there called "Manage Passwords". Somehow, the staff that was responsible for making any changes in the staff module had saved a password for Procentive in this area. (We have coded to prevent this, but in the case that I recall, the staff was somehow able to get around this). Anyway, the saved password was auto-filling into the password field in the staff module/staff tab. So each time this staff opened the staff dialog and changed any information for any other staff, the password changed as well. The clue that this was happening was this -- when the staff opened any staff dialog and went to the staff tab, the password field was highlighted. Another clue was that the passwords weren't randomly changing, they were changing right after the staff dialog had been updated and re-saved by this one staff.


Anyway, this is what popped into my brain late last night. If this is still not the case for you, then definitely send the ticket. But if it is the case, let me know and I will see if engineers can do something to prevent this behavior altogether.


Thanks!

Kevin

Thanks for following up, Kevin. I believe there are staff that are using the saved password feature of Chrome in my organization, and I know some of the staff password changes occurred after staff's roles were changed, so your explanation makes sense. We will send out a memo to staff instructing them not to save passwords in their browsers moving forward. Thanks again.

-Grant