Page 1 of 9

LDS Account Password Policies

Posted: Tue Oct 06, 2015 1:04 pm
by LDSAccountTech
All church employees, missionaries, volunteers, (etc.) have workforce-enable LDS Accounts. When an individual's account is provisioned by Account Management (a process in which we set up their LDS Account with this workforce information) that individual's account is placed within the General Employee Password Policy, which states, that for security purposes, the LDS Account password will be required to be reset every six months. If the password isn't reset within the conclusion of the six months, the LDS Account is automatically locked, in which the individual will need to contact support to unlock the account (which we can do quickly). Note: the e-mail address associated with the LDS Account will send out password-change notifications two weeks prior to the password expiration. Because certain ward/stake callings are workforce enabled too (like seminary or institute instructors), they will also need to follow this password policy. Until they are released from their calling (which is reflected on their LDS Account) and their workforce is removed, they will reset their password every six months.

When an LDS Account is provisioned, an e-mail should be sent to the individual informing them of this information. As long as the primary e-mail address is up-to-date on the LDS Account, this e-mail will be received; if not, the recipient may not receive the notification (which is why we advise to have individuals update their LDS Account information at ldsaccount.lds.org to verify their information is correct).

Re: LDS Account Password Policies

Posted: Mon Dec 07, 2015 3:36 pm
by ji20874
I wish this policy didn't reach to volunteer early-morning seminary teachers. I just got a notice. My bank accounts and credit cards let me keep my password for years, and everything is secure. I think making people constantly change passwords is more for an illusion than real security.

I don't want my relationship with my church to like my workplace, where I have far too many userid and passwords, and I have to change all of them every 90 or 180 days, with different rules and character counts and configurations for each. With this new policy, every month there will be hundreds of calls to church headquarters about forgotten passwords from frustrated members. This is job security for the password re-setters, but frustration for members.

I think I prefer interfacing with my church in person or in paper.

All that said, I do appreciate being able to have only one userid and password for multiple church applications.

Re: LDS Account Password Policies

Posted: Mon Dec 07, 2015 4:11 pm
by sbradshaw
I think part of the reason all seminary teachers have to be in the workforce system is because WISE is hosted at wise.ldschurch.org, which is a workforce domain. It's easiest to apply the requirements to everyone on the domain.

Re: LDS Account Password Policies

Posted: Mon Dec 07, 2015 4:25 pm
by russellhltn
ji20874 wrote:I think making people constantly change passwords is more for an illusion than real security.
I tend to agree with you - particularly since most people figure out a workaround that is common and largely negates any advantage of changing the password.

But it's not our decision.

Re: LDS Account Password Policies

Posted: Tue Dec 08, 2015 2:02 pm
by zaneclark
So is it 6 months from the date of the post?

Re: LDS Account Password Policies

Posted: Tue Dec 08, 2015 2:31 pm
by aebrown
zaneclark wrote:So is it 6 months from the date of the post?
The password is required to be changed 6 months from the date that the LDS Account is configured as a Workforce account. Thereafter, it is required to be changed within 6 months from the last password change.

Re: LDS Account Password Policies

Posted: Tue Dec 08, 2015 3:56 pm
by zaneclark
I have had the same password since I set up my account several years ago.... I am curious as to when my 6 months will be up...

Re: LDS Account Password Policies

Posted: Tue Dec 08, 2015 4:20 pm
by lajackson
zaneclark wrote:I have had the same password since I set up my account several years ago.... I am curious as to when my 6 months will be up...
This discussion has centered on a special setting for LDS Account for users who are treated as if they are Church employees. They are the ones who have to reset their passwords every six months. You and I (and most members) do not.

Re: LDS Account Password Policies

Posted: Sun Dec 20, 2015 2:48 pm
by slwilliams01
The lds.org login remembers my name and password. I would like to eliminate the memory and require that I re-enter my name and password each time I login.

Thanks, Steve

Re: LDS Account Password Policies

Posted: Sun Dec 20, 2015 3:27 pm
by aebrown
slwilliams01 wrote:The lds.org login remembers my name and password. I would like to eliminate the memory and require that I re-enter my name and password each time I login.
It's not LDS.org that is remembering your name and password -- it is your browser. So you need to clear the password from wherever your browser stores it. Instructions for Chrome and Internet Explorer can be found here.