Password Change Logging

Password Change Logging

Overview of Password Configuration settings

Logging.jpgChecking the Log All Password Changes box enables logging of all successful and unsuccessful password change attempts.

Audited password change attempts are logged in a list that is created by Password Change in the SharePoint site collection. This list will show you the history of password change attempts.

Audit logs are stored in Site Contents > Bamboo Password Change Audit Log.

HW06_AuditList.jpg

  • The audit log is a standard SharePoint list.
  • SharePoint administrators can apply alerts and workflows to help monitor password change attempts.
  • The permissions for this list can be modified to restrict access to certain users or groups to protect user information.
  • The Bamboo Password Change Audit Log displays every password change attempt using the following columns:
Column Description
Account Name This column displays the User Name and Domain Name in the format that they were sent to the Authentication Provider.
Domain Name This column displays the domain which hosts the account that the user was attempting to change the password for.
User Name This column displays the name of the account that the user was attempting to change the password for.
Requestor: This column displays the name of the user who attempted to change a password using the Web Part.
Status This column displays whether the password change attempt was a success (Success) or a failure (Fail).

Password Change Look and Feel Settings

Password Change Look and Feel Settings

Overview of Password Configuration settings

LnF.jpgThe Password Change Web Part can be customized by creating a custom HTML layout and editing the CSS provided in the Password Change Web Part Settings window.

To change look and feel settings, perform the following steps:

  • Customize the Web Part Layout
  • Customize the Look and Feel (CSS)

The default layout of the Password Change Web Part is a vertical orientation of text fields in the following order:

  • Domain (This field can be hidden)
  • Account (This field can be hidden)
  • Old Password
  • New Password
  • Password Strength Meter (This field is tied directly to the New Password field and always appears directly beneath it)
  • Confirm Password

ModLayout.jpgTo customize the layout of the Web Part, select Custom Layout, and then click the Modify Layout button.

Password Change Messages

Password Change Messages

Overview of Password Configuration settings

The Password Change Web Part features feedback tools to help users change their passwords more effectively. To turn these tools on or off, check or uncheck the appropriate box.

Choice Action Description
Display password strength meter When you check this box, a password strength meter is displayed on the Web Part under the New Password field. It indicates how strong the new password is. The meter updates dynamically as the user types in the New Password field.

Meter.jpg

NOTE: The Password Strength Meter displays password strength based on a fixed algorithm that cannot be edited. Passwords that conform to your password policy are not necessarily considered “Strong”.

Display password expiration message Check this box in order to display a message that tells the user how many days are left until their password expires. Expires.jpg
Display confirmation message after password change When you check this box, the page will refresh after a successful password change, and all of the displayed fields for changing passwords will be replaced with a message containing the results of the password change. This option helps to prevent users from changing their passwords multiple times by mistake. AfterChg.jpg
Success.jpg
Unable.jpg

Password Change Policy Display

Password Change Policy Display

Overview of Password Configuration settings

In this section, you can configure the description of your password policy, whether to display the policy, and where to display it.

To configure this section of the Web Part, follow these steps:

Column Description
1. Check the box next to Display Password Policy Description to show the configured text in the Web Part. If you choose not to display this information, uncheck the box and disregard the following steps.
DisplayPolicy.jpg
2.

In the Edit password policy text editing area, type the description you would like to display that accurately describes your policy regarding the strength of passwords (length, inclusion of numbers, capital or lowercase letters, special characters, etc.). The edit box contains the formatting options that are typically used in the content editor web part. Bamboo has provided sample text and this should be replaced with your password policy.

EditPolicy.jpg

NOTE: Editing the password policy text does not change the password policy, only the description that appears in this Web Part. Users with the Design permission level may edit this text, but only the server administrator can change the password policy.

3. Use the Choose the Position of the Policy Text drop-down list to determine where the policy text will be displayed.
PolicyPosition.jpg

Password Change Account Display Settings

Password Change Account Display Settings

Overview of Password Configuration settings

In this section, you will configure whether users can see and change the Domain and Account information linked to the password they are changing. These settings are represented by a series of buttons and check boxes.

Choice Action Description
2-Box Format Single Box Format
2-BoxFormat.jpg
Domain.jpg
Enter the Domain and Account Name in separate fields.
Used for logons with the pre-Windows 2000 format (DOMAINACCOUNT)
Single Box Format
SingleBox.jpg
DomainSingle.jpg
Enter the Domain and Account Name in one common field.
Used for the User Principle Name (UPN) logons (account@domain)

Definitions of Above Choices:

  • Display Domain: Displays a field for the user to enter the domain name of the server that contains the account to update.
  • Lock Domain: Automatically displays the domain name that the user is currently logged in with. If this box is checked, the user cannot edit this field.
  • Display Account: Displays a field for the user to enter the account name that they want to change the password for.
  • Lock Account: Automatically displays the account name that the user is currently logged in with. If this box is checked, the user cannot edit this field.

Password Change General Settings

Password Change General Settings

Overview of Password Configuration settings
Step Action Result
1. Click General Settings to open the window where you can define the general behavior of the Password Change Web Part by configuring the following settings.
2. Select the SharePoint Web application zone that is configured to use the authentication provider for which you want to change the user passwords. The available zones are displayed in the Select a Zone drop-down list.

zone.jpg
After selecting the Web Application Zone, the Authentication Type, the Membership Provider, and the URL details are displayed automatically.
3. Select the appropriate authentication type.

The Password Change Web Part can be configured to add accounts to the following authentication providers:

  • Active Directory Services (Windows)
  • NT Directory Services (Windows)
  • Forms Based Authentication using the following membership providers:
    • SQL Server membership provider
    • Active Directory membership provider

Authentication providers not specifically listed above are not supported by the Password Change Web Part.

Customize CSS for Password Change

Customize CSS for Password Change

Overview of Password Configuration settings

CustomLayout.jpgIf you want to create unique CSS class names, click Custom layout to enable the Modify Layout button. Should you define custom classes in the layout HTML Editor, they should be also be added to the CSS class definitions in the CSS Edit window; you access it through the Modify CSS button.

ModifyCSS.jpgEach CSS element is listed in the CSS Editor, along with any styles currently defined for it. You can add CSS style attributes as desired to customize how elements are displayed in the web part.

Below is a list of the default CSS classes defined for Password Change:

Item Class Result HW06_CSSEditor.jpg
1. ChangePassWordButtonStyle Defines the height and width of the button.
2. ClearButtonStyle Defines the Clear button height and width.
3. TextBoxControls The text box fields are set by default at 300 pixels wide; this lets you increase or decrease the width.
4. PanelPasswordStrengthMeter

Defines the look and feel of the Password Strength Meter.
StrengthMeter.jpg

NOTE: The Password Strength Meter will always be positioned directly beneath the New Password text field. This cannot be changed.

5. PasswordExpirationMsg Defines the font color of the Password Expiration Message.
6. SuccessfullyChangedMsg Defines the font color of the confirmation message seen after successfully changing a password.
7. FailedToChangeMsg Defines the font color of the failure message seen after an unsuccessful attempt to change a password.

Create Custom HTML Layout for Password Change

Create Custom HTML Layout for Password Change

Overview of Password Configuration settings

To customize the layout of the Web Part, select Custom Layout, and then click the Modify Layout button.

HW06_HTMLEditor_2013.jpgIn the HTML Editor window, you can customize the HTML used to define the layout of the Web Part. Note: The HTML provided in the HTML Editor window is a sample only and must be replaced by your custom HTML.

The following options on the right side of the window are available to help you construct the HTML code:

No. Column Description
1. Field Control

Contains a list of the text fields that are displayed on the Web Part. Select a field to insert into your custom HTML and provide a CSS class name that can be used later to define the style for the field (optional). Place the cursor in the HTML Editor where you want to insert the field and click the Insert button. The following text will be inserted:

[@Field:InternalFieldName CSSClass=”ClassName”]

  • @Field defines the type of control (i.e., text box, radio button, selection list) added to the page. In the case of the Password Change Web Part, the field will always be a text box.
  • InternalFieldName is the internal name of the text field. The internal name of a text field is defined by the Web Part and cannot be changed.
  • CSSClass is an optional parameter that allows you to define a unique CSS style to the Field Control.
  • ClassName is the name of the class that was defined in the CSS Class Name field.
2. Field Label

Lists the text fields defined by the Web Part. This allows you to create a custom name for each text field that differs from the InternalFieldName. Select a field, define a CSS class name (optional), and click Insert to add the label of the text field into the HTML Editor. The following text will be inserted:
Note: The Field Label will not change the InternalFieldName of the Web Part elements, only the label that appears in the Web Part. When editing custom HTML, the original field names must still be used.

[@DisplayName:InternalFieldName CSSClass=”ClassName”]

  • @DisplayName defines the type of control added to the page. Field labels are typically text.
  • InternalFieldName (See Above)
  • CSSClass (See Above)
  • ClassName (See Above)
3. Action Buttons

Use this drop-down list to modify the Change Password button or the Clear button. Select which button to modify and enter a CSS class name (optional). Put the cursor in the HTML Editor where you want the button to be displayed and click Insert. The following text will be inserted:

[@Control:BtnControlName CssClass=”ClassName”]

  • @Control defines which button you will be modifying.
  • ControlName is the internal name of the button. The internal name of the button is defined by the Web Part and cannot be changed.
  • CssClass is an optional parameter that allows you to define a unique CSS style for the button.
  • ClassName is the name of the class that was defined in the CSS Class Name field.

When you are finished constructing your custom HTML, click the Save button in the HTML Editor to save the new layout and return to the Look and Feel Settings page. Click Save & Close in the Web Part Settings window and then click Apply and then OK in the Web Part tool pane to view the new layout.

See also:

Configure the Password Change Web Part

Configure the Password Change Web Part

Overview of Password Configuration settings

After adding Password Change to a page, the web part can be configured with the help of the Web Part Settings page.

You can choose from the two procedures below to display the Web Part Settings page:

Step Action Result
1. To modify the Web Part properties, select Edit Web Part from the drop-down menu of the Bamboo Password Change Web Part window. hw06_EditWebPart_new_2013.jpgSharePoint 2010/2013
2007Edit.jpgSharePoint 2007
2. Click the Password Change Web Part Settings button in the Web Part tool pane to display the Web Part Settings page. 02.jpg

Or you can perform the following steps:

Step Action Result
1. Click the Web Part tab on the upper panel, and then click the Web Part Properties button. 03.jpg
2. Click the Password Change Web Part Settings button to display the Web Part Settings page.

Note: You must disable pop-up blockers for the site to display the Web Part Settings.

Click the links below for further details on the Password Change Web Part settings configuration. After you have finished configuring the web part, click the Save & Close button in the Web Part Settings page, and then click Apply and then OK in the web part tool pane to fully save your settings.

How to Change Your Password

How to Change Your Password

After the web part is installed and configured, users can then change their account passwords.

HW06_WebPart_2013.jpgTo use Password Change, enter the required information in the fields described below.

Step Action
1. The Password Policy section displays the text that your administrator has configured in the General Settings section of the Web Part Settings window. It describes the user account password policies created by your server administrator.
2.

The Domain field allows you to see and configure the domain name of the server where your account information is stored. This field is automatically filled in with the domain that you are currently logged into.

NOTE: This field may have been configured as hidden or view only by your server administrator to prevent inexperienced users from entering the incorrect domain.

3.

The Account field allows you to enter or change the account name that you want to change the password for. This field is automatically filled in with the account name that is currently logged in.

NOTE: This field may have been configured as hidden or view only by your server administrator to prevent inexperienced users from entering the incorrect user name.

4.

Enter your current password in the Old Password field to authenticate your identity.

  • After entering your old password, enter your chosen password in the New Password field.
5.

If the Password Strength Meter is displayed in the Web Part, it appears directly beneath the New Password field. The meter displays how strong your password is by filling in the gray bars and indicating the strength of the password by text, for example “Weak”.

Note: The Password Strength Meter displays password strength based on a fixed algorithm that cannot be edited. Passwords that conform to your password policy may not necessarily be considered “Strong”.

6. Once you have entered a strong password, re-type it into the Confirm New Password field. Make sure the password you enter in this field exactly matches the one you entered in the New Password field.
7.

Once you have filled in these fields, you can click the Change Password button to change your password. To clear all fields and start the procedure again, click the Clear button. After successfully changing your password, the system will display a message to notify you of the change and to prompt you to close your browser for applying the changes.

Note: Password Change will refresh the page. To prevent the loss of unsaved data, Password Change is often used on its own page, although this is not required.