Password History Policy

Overview


Password History Policy is free HostBill plugin shipped with every version that can prevent your customers and/or staff members from using n-number of their last password again.

The plugin stores the last customer/admin password hash in database with each change made to it.

Additionally, plugin can enforce customer/staff password change every N-days.

Activating the module


  1. The plugin is free and available to all HostBill users. In order to activate the plugin go to Settings→ Modules→ Plugins → Inactive, find and activate Password History plugin.
  2. Once the plugin is activated you will be directed to Settings→ Modules→ Plugins to configure the module.

Module configuration


Fill in the configuration fields:

  1. Choose module display name
  2. Select if you want the plugin to be accessible for all staff members or only selected staff members
  3. Enter:
    1. Number of passwords to keep: amount of the last customer/admin passwords that the customer is not allowed to reuse.
    2. Once Enforce regular customer password change option is enabled, you can provide number of days after which customer password should expire in:
    3. Password should be changed every n days setting for client password change requirement
    4. Once Enforce regular admin password change option is enabled, you can provide number of days after which admin password should expire in:
    5. Admin Password should be changed every n days setting for admin password change requirement


If customer attempts to re-use the old profile password, they will be presented with error message: