Password History Check

What is Password History Check?

Administrators can enforce a Password History Check when an End User resets the SummitAI application password. Based on the organization’s password policy, the check prevents the user from resetting the password to any of the last n passwords, where n is the number of most recent passwords that are not allowed.

Example:

If Password History Check is enabled and the organization’s Password Policy disallows the last 3 passwords, the End User cannot change the password to any of the last 3 passwords.

Note:

  • The Password History Check can be enabled only for the End Users trying to change their passwords.
  • The Password History Check (even if enabled) does not apply to Master Reset (where Administrators reset passwords for End Users) or to Manager Approval (where passwords are sent to the End Users’ Managers, who provide them to the End Users).
  • The Password History Check works on AD servers running Windows 2012 and above.
  • The Password History Check works only on a non-SSL AD system.

Configuration

  • Based on the customer’s request to enable Password History check, the SummitAI Team needs to set the following key to True:
    <add key="PwdMgmt:IsPwdHistoryEnforceEnabled" value=""/>
    The default value of the key is False.

    For SummitAI Mobile App users, the above key should be added in the Mobile Services (Web.config file, MobileWS > web.config).

    In a Proxy setup (SummitAI application hosted On Cloud and AD on-premise), the above key needs to be added to the Proxy Server (proxy > web.config).
  • The organization may add additional Password Checks as part of their Password Policy. They can configure a custom message as part of the Password Policy Message when the user is trying to reset the password.
    <add key="PwdMgmt:PwdPolicyMessage" value="" /> // (Web.config file, MobileWS > web.config)

    Note:

    This custom message is for display purposes only. SummitAI does not perform any validation based on it.

    For SummitAI Mobile App users, the above key should be added in the Mobile Services (Web.config file, MobileWS > web.config).
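
One way to confirm the key is really set to True in each web.config named above (application, MobileWS, proxy). This is an added example, not SummitAI code. It assumes the keys sit under the standard ASP.NET `<appSettings>` element and that the value is compared case-insensitively; the sample files and the labels are constructed.

```python
import xml.etree.ElementTree as ET

HISTORY_KEY = "PwdMgmt:IsPwdHistoryEnforceEnabled"
MESSAGE_KEY = "PwdMgmt:PwdPolicyMessage"


def app_settings(config_xml):
    """Collect key/value pairs from <appSettings><add .../></appSettings>."""
    root = ET.fromstring(config_xml)
    pairs = {}
    for section in root.iter("appSettings"):
        for node in section.findall("add"):
            if node.get("key") is not None:
                pairs[node.get("key")] = node.get("value", "")
    return pairs


def audit(configs):
    """Map each config label to (history_enforced, findings)."""
    report = {}
    for label, xml_text in configs.items():
        pairs = app_settings(xml_text)
        raw = pairs.get(HISTORY_KEY)
        # Assumption: the application treats "True"/"true" alike.
        enforced = raw is not None and raw.strip().lower() == "true"
        findings = []
        if raw is None:
            findings.append("key missing, default False applies")
        elif not enforced:
            findings.append("key present but value is %r" % raw)
        if enforced and not pairs.get(MESSAGE_KEY, "").strip():
            findings.append("PwdPolicyMessage is empty")
        report[label] = (enforced, findings)
    return report


# Constructed sample files, not taken from a real deployment.
SAMPLE = {
    "app": '<configuration><appSettings>'
           '<add key="PwdMgmt:IsPwdHistoryEnforceEnabled" value="True"/>'
           '<add key="PwdMgmt:PwdPolicyMessage" value="Last 3 not allowed"/>'
           '</appSettings></configuration>',
    "MobileWS": '<configuration><appSettings>'
                '<add key="PwdMgmt:IsPwdHistoryEnforceEnabled" value=""/>'
                '</appSettings></configuration>',
    "proxy": '<configuration><appSettings/></configuration>',
}

if __name__ == "__main__":
    for label, (enforced, findings) in audit(SAMPLE).items():
        print(label, "ENFORCED" if enforced else "NOT ENFORCED", findings)
```

In the sample, only the application config enforces the check; the MobileWS file still carries the empty template value and the proxy file lacks the key, so the default of False applies there.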