NaviNet requires users to change their passwords periodically in accordance with HIPAA security standards.
The following is a brief summary of the NaviNet password lifetime. It is does not attempt to present the NaviNet password policy in its entirety, nor is it a comprehensive listing of all NaviNet user statuses.
|No Initial Login||A temporary password is generated at random when a new user is created in NaviNet or when a user's password is reset. Users have 60 days to log in and select a permanent password.|
|Active||After creating a permanent password, users are in an Active status for a period of 120 days. Users can change their password at any time during this period, by clicking Manage My Profile on the Welcome menu, and then clicking My Security. For a two-week period before the Active period ends, users will receive a notice upon logging in to NaviNet reminding them that their password is about to expire.|
|Expired||Users have a 90-day grace period after their permanent password expires, in which they can reset their password by clicking Forgot Your Password? on the NaviNet login page.|
|Disabled||If users do not select a permanent password within 60 days after receiving their temporary password, or if they do not reset their permanent password within 90 days after it expires, they will not be able to log in to NaviNet. Users having a status of Disabled must contact their NaviNet Security Officer to have their password reset.|
For more information about managing passwords and user statuses, see Managing Users.