Resources
Password Policy
Requirements for secure user passwords in Altostrat.
Altostrat enforces strong password requirements to enhance account security. This document outlines those requirements and details how passwords are securely stored.
Password Requirements
- Minimum Length: At least 8 characters.
- Required Characters:
- Uppercase Letter (A–Z)
- Lowercase Letter (a–z)
- Number (0–9)
- Special Character (e.g.,
!,@,#,$)
- Password History: You cannot reuse any of your last 3 passwords.
Secure Storage
Altostrat never stores passwords in plain text. Instead, passwords are hashed (using something like bcrypt) so:
- One-Way Hashing: During login, Altostrat hashes the entered password and compares it to the stored hash.
- Hash Comparison: If they match, the user is authenticated.
- No Plain Text: Even if the database is compromised, attackers cannot reverse the hashed passwords.
Best Practices
- Use Unique Passwords: Reusing passwords across multiple services puts all accounts at risk.
- Enable MFA (2FA) if available for an extra security layer.
- Password Manager: Consider using one to generate and store complex passwords.
- Regular Rotations: Change passwords periodically, especially after any security incident.
Changing or Resetting Your Password
- Portal Users
- Go to your account settings in Altostrat.
- Find the Change Password option and enter a new one meeting the criteria above.
- Forgotten Password
- Use the Forgot Password link at https://auth.altostrat.app.
- An email with a reset link will be sent. Check spam or junk folders if not received.
If you are required to adhere to a specific organizational policy that is stricter than Altostrat’s defaults, please contact your administrator for any additional requirements.