Symptom
This article describes how to configure it in details so it can be personalized based on your company’s needs, for customers with “Manage External Password Policy” feature enabled, specific rules can be specified to external candidates creating account on External Career site.
Environment
SAP SuccessFactors Recruiting Management
Resolution
Pre-Requisites:
- Separate Password Policy for External Candidates must be Enabled. If not, please create a ticket with Customer Success Team.
- Grant users permission:
- RBP: Admin Tools -> Manage Permission Roles -> select Role -> Permission -> Manage Recruiting -> Manage External Password Policy permission
Working with the External Password Policy page
Password Policy Settings
The rules specified will be made visible to candidates on the account creation screen if the candidate hovers over the Password Policy link.
When this is used, the candidate will see a bar next to their password field indicating their password strength and the point where their password becomes acceptable.
Option | Recommended | Function |
Minimum Length | 8 | Minimum number of characters the password must contain to be acceptable |
Maximum Length | 18 | Maximum number of characters the password may contain |
Maximum Successive Failed Login Attempts Set to 0 will disable this option; The system will lock a user account if successive failed login attempts exceed what the policy allows, within a 1-minute period. |
5 |
Specifies how many attempts can be made within 60 seconds before the account is locked It is not advisable to use this setting for most clients because it then requires admin action to unlock a candidate or agency account |
Case Sensitive (recommended) | Checked | Causes the password to distinguish between capitalized and non-capitalized letters |
Mixed Case required Will be ignored if Case Sensitive is not checked |
Checked | Requires that the password contain at least one capitalized and at least one non-capitalized letter |
Non-alpha characters required | Checked | Requires that the password includes at least one character other than a letter |
- The options available in the External Password Policy are pre-set; no additional options are available.
- Candidates will not be notified (i.e.: via email) if a system admin changes the existing password policies. Changing the password policies won't affect candidates who already have the account.
- If Maximum Successive Failed Login Attempts is set to greater than zero then it is possible for an external candidate or agency user to accidentally lock their account with too many failed login attempts. On this page the admin can re-set the account so that it can once again be accessed.
- For the external candidate the primaryEmail field value must be used to look up the candidate. This may or may be the same as the contactEmail value that is widely displayed on the candidate profile and application records. The primaryEmail field should be configured on the Candidate Profile XML to ensure the admin can locate and use it to reactivate the account.
Keywords
Manage, External, Password, Policy, account, creation, site, users, agency , KBA , sf recruiting , LOD-SF-RCM , Recruiting Management , How To