Change Password
Secure your True Tracker account by updating your password regularly and following security best practices.
Overview
Changing your password regularly is essential for maintaining account security. True Tracker provides secure password management tools to help protect your account and organizational data.
Accessing Password Settings
- Sign in to your True Tracker account
- Click your profile avatar in the top-right corner
- Select "Profile Settings" → "Security"
- Or navigate to Settings → Profile → "Change Password"
Password Requirements
Your new password must meet these security requirements:
Minimum Requirements
- Length: At least 8 characters (12+ recommended)
- Uppercase: At least one uppercase letter (A-Z)
- Lowercase: At least one lowercase letter (a-z)
- Numbers: At least one digit (0-9)
- Special Characters: At least one symbol (@, #, $, %, etc.)
Additional Security Rules
- Cannot be the same as your current password
- Cannot contain your username or email address
- Cannot be a commonly used password
- Cannot be similar to your last 5 passwords
- Must not contain personal information (name, birthdate, etc.)
Changing Your Password
Step-by-Step Process
-
Access Password Change Form
- Navigate to password settings
- Click "Change Password" button
-
Enter Current Password
- Type your existing password in the "Current Password" field
- This verifies your identity before allowing changes
-
Create New Password
- Enter your new password in the "New Password" field
- Password strength indicator will show security level
- Aim for "Strong" or "Very Strong" rating
-
Confirm New Password
- Re-enter your new password in the "Confirm Password" field
- Passwords must match exactly
-
Save Changes
- Click "Update Password" button
- System will validate all requirements
- Confirmation message will appear upon success
Password Strength Indicator
The system provides real-time feedback:
- Weak: Red indicator, basic requirements not met
- Fair: Yellow indicator, meets minimum requirements
- Good: Light green, good security practices
- Strong: Green indicator, excellent security
- Very Strong: Dark green, maximum security
Password Best Practices
Creating Strong Passwords
Use Passphrases
- Combine multiple unrelated words
- Example: "Coffee#Mountain$Blue9"
- Easier to remember than random characters
- Naturally meets length requirements
Avoid Common Mistakes
- Don't use dictionary words
- Avoid personal information
- Don't use keyboard patterns (qwerty, 123456)
- Avoid common substitutions (@ for a, 3 for e)
Password Composition Tips
- Mix uppercase and lowercase letters
- Include numbers throughout, not just at the end
- Use special characters in the middle
- Make it memorable but not guessable
Password Management
Regular Updates
- Change password every 90 days (or as required by policy)
- Update immediately if you suspect compromise
- Don't reuse old passwords
- Use different passwords for different systems
Secure Storage
- Use a password manager for complex passwords
- Don't write passwords down in plain text
- Don't share passwords with others
- Don't store passwords in browsers on shared computers
Two-Factor Authentication (2FA)
Enabling 2FA
-
Access Security Settings
- Go to Profile → Security → Two-Factor Authentication
-
Choose Authentication Method
- SMS: Receive codes via text message
- Email: Receive codes via email
- Authenticator App: Use Google Authenticator, Authy, etc.
-
Setup Process
- Follow the setup wizard
- Verify your phone number or email
- Scan QR code for authenticator apps
- Test the setup with a verification code
-
Backup Codes
- Generate and save backup codes
- Store codes in a secure location
- Use backup codes if primary method unavailable
Using 2FA
Login Process with 2FA
- Enter username and password
- System prompts for verification code
- Check your phone/email/authenticator app
- Enter the 6-digit code
- Complete login process
Managing 2FA
- Update phone numbers when changed
- Regenerate backup codes periodically
- Test 2FA setup regularly
- Keep backup methods current
Account Security Features
Login Monitoring
Security Alerts
- Email notifications for new device logins
- Alerts for unusual login locations
- Notifications for multiple failed attempts
- Password change confirmations
Session Management
- View active sessions
- Log out from all devices remotely
- Set session timeout preferences
- Monitor login history
Account Lockout Protection
Failed Login Attempts
- Account locks after 5 failed attempts
- 15-minute lockout period
- Progressive lockout for repeated failures
- Administrator notification for persistent attempts
Unlocking Your Account
- Wait for automatic unlock (15 minutes)
- Contact system administrator
- Use password reset if forgotten
- Verify identity for manual unlock
Password Recovery
Forgot Password Process
-
Access Reset Form
- Click "Forgot Password?" on login page
- Enter your email address or username
-
Check Your Email
- Password reset link sent to registered email
- Link expires in 24 hours
- Check spam folder if not received
-
Create New Password
- Click the reset link
- Enter new password meeting requirements
- Confirm new password
- Save changes
-
Login with New Password
- Use new password to sign in
- Update any saved passwords
- Consider enabling 2FA
Recovery Troubleshooting
Email Not Received
- Check spam/junk folders
- Verify email address is correct
- Try alternative email if configured
- Contact administrator for assistance
Reset Link Expired
- Request new password reset
- Complete process within 24 hours
- Contact support if repeated issues
Mobile Password Management
Mobile App Security
- Use device biometric authentication when available
- Enable app-specific PINs
- Set automatic logout timers
- Keep mobile app updated
Mobile Password Changes
- Change passwords through mobile app
- Sync changes across all devices
- Use mobile-friendly password managers
- Enable push notifications for security alerts
Compliance and Policies
Organizational Password Policy
- Follow company password requirements
- Adhere to change frequency requirements
- Report security incidents immediately
- Participate in security training
Regulatory Compliance
- Meet industry-specific requirements
- Maintain audit trails
- Document security procedures
- Regular security assessments
Troubleshooting
Common Issues
Password Not Accepted
- Verify all requirements are met
- Check for hidden characters
- Ensure caps lock is correct
- Try typing password in text editor first
Cannot Remember Current Password
- Use password reset process
- Contact system administrator
- Verify identity for account recovery
- Update password manager records
2FA Not Working
- Check device time synchronization
- Verify phone number/email is current
- Use backup codes if available
- Contact support for assistance
Getting Help
Self-Service Options
- Password strength checker
- Security best practices guide
- FAQ and troubleshooting guides
- Online security training
Support Contacts
- IT Help Desk: Technical password issues
- Security Team: Suspected compromises
- System Administrator: Account lockouts
- Manager: Policy questions
Security Incident Response
If You Suspect Compromise
-
Immediate Actions
- Change password immediately
- Log out from all devices
- Check recent account activity
- Enable 2FA if not already active
-
Report the Incident
- Contact IT security team
- Document suspicious activity
- Provide timeline of events
- Follow incident response procedures
-
Follow-Up Actions
- Monitor account for unusual activity
- Update other related passwords
- Review security practices
- Participate in security review if requested
Next Steps
After changing your password:
- Update your profile information if needed
- Review other security settings
- Consider enabling additional security features
- Explore other system settings for optimization
Remember: A strong password is your first line of defense against unauthorized access to your True Tracker account and your organization's maintenance data.