10.2.1.3. Password change self-service

Airlock IAM knows two types of password change self-services:

Voluntary password change
The user chooses to change the password and enters the old and the new password.
The user needs to be logged-in to use this self-service.
Mandatory password change
The user is forced to change the password during the login process. The login process fails, if the password cannot be changed.
Password change is enforced when:
  • The password change flag is set (e.g. initial password).
  • The policy is violated by the currently used password (and the corresponding configuration option is set).
Since the mandatory password change is part of the login process, entering the existing password is optional (depending on configuration).