Placeholder: Password Policy Hero

Altostrat enforces strong password requirements to enhance account security. This document outlines those requirements and details how passwords are securely stored.

Password Requirements

  1. Minimum Length: At least 8 characters.
  2. Required Characters:
  • Uppercase Letter (A–Z)
  • Lowercase Letter (a–z)
  • Number (0–9)
  • Special Character (e.g., !, @, #, $)
  1. Password History: You cannot reuse any of your last 3 passwords.

Secure Storage

Altostrat never stores passwords in plain text. Instead, passwords are hashed (using something like bcrypt) so:

  • One-Way Hashing: During login, Altostrat hashes the entered password and compares it to the stored hash.
  • Hash Comparison: If they match, the user is authenticated.
  • No Plain Text: Even if the database is compromised, attackers cannot reverse the hashed passwords.

Best Practices

  • Use Unique Passwords: Reusing passwords across multiple services puts all accounts at risk.
  • Enable MFA (2FA) if available for an extra security layer.
  • Password Manager: Consider using one to generate and store complex passwords.
  • Regular Rotations: Change passwords periodically, especially after any security incident.

Changing or Resetting Your Password

  1. Portal Users
  • Go to your account settings in Altostrat.
  • Find the Change Password option and enter a new one meeting the criteria above.
  1. Forgotten Password
  • Use the Forgot Password link at https://auth.altostrat.app.
  • An email with a reset link will be sent. Check spam or junk folders if not received.

If you are required to adhere to a specific organizational policy that is stricter than Altostrat’s defaults, please contact your administrator for any additional requirements.