
Altostrat enforces strong password requirements to enhance account security. This document outlines those requirements and details how passwords are securely stored.
Password Requirements
- Minimum Length: At least 8 characters.
- Required Characters:
- Uppercase Letter (A–Z)
- Lowercase Letter (a–z)
- Number (0–9)
- Special Character (e.g.,
!
, @
, #
, $
)
- Password History: You cannot reuse any of your last 3 passwords.
Secure Storage
Altostrat never stores passwords in plain text. Instead, passwords are hashed (using something like bcrypt) so:
- One-Way Hashing: During login, Altostrat hashes the entered password and compares it to the stored hash.
- Hash Comparison: If they match, the user is authenticated.
- No Plain Text: Even if the database is compromised, attackers cannot reverse the hashed passwords.
Best Practices
- Use Unique Passwords: Reusing passwords across multiple services puts all accounts at risk.
- Enable MFA (2FA) if available for an extra security layer.
- Password Manager: Consider using one to generate and store complex passwords.
- Regular Rotations: Change passwords periodically, especially after any security incident.
Changing or Resetting Your Password
- Portal Users
- Go to your account settings in Altostrat.
- Find the Change Password option and enter a new one meeting the criteria above.
- Forgotten Password
- Use the Forgot Password link at https://auth.altostrat.app.
- An email with a reset link will be sent. Check spam or junk folders if not received.
If you are required to adhere to a specific organizational policy that is stricter than Altostrat’s defaults, please
contact your administrator for any additional requirements.