Password control

Password requirements

When setting a password for simple sign-in, the following rules apply:

  • A minimum length of 8 characters

  • At least 1 lowercase letter (a-z)

  • At least 1 uppercase letter (A-Z)

  • At least 1 number (0 - 9)

  • At least 1 special character (!, $, #, or %)

Password validation includes checks to determine if the password specified for registration or reset is compromised.

Checks are made using the haveibeenpwned.com service with the k-anonymity model, to determine if a password has been leaked. If a specified password is found to be compromised, it cannot be used, and you will be prompted to try again.

Password expiry

Patchworks passwords do not expire.

If you are logged into the dashboard, you can change your password by selecting the change password option associated with your avatar (in the top right-hand corner of the dashboard). For further information, please see: Managing your own user account.

Users with an administrator or manager role can trigger password resets for other users in their company profile.

Password storage

Patchworks passwords are stored in an encrypted AWS database.

Password control

Passwords can never be viewed or accessed by users, irrespective of their role.

Managing passwords for other users

Users associated with an administrator or manager role can trigger a password reset for any users in their company profile, via the Patchworks dashboard. For more information, please see our Triggering a password reset for another user page.

Password reset links are valid for 24 hours. After this, another password reset must be triggered so a new link is emailed.

Passwords are never set on behalf of other users.

Forgotten passwords

If you sign in to the Patchworks dashboard with an email address and password, you can reset your password at any time, from the Patchworks sign-in page:

Forgot your password option from Patchworks sign-in page

Alternatively, use the link below:

https://app.wearepatchworks.com/reset-password

Selecting this option displays a reset password page - enter your email address to trigger a password reset email:

The password reset email includes a link which allows you to reset your password.

Password reset links are valid for 24 hours. After this, another password reset must be triggered so a new link is emailed.

Google sign-in passwords

If you sign into Patchworks with your Google account, you won't have a password for Patchworks.

However, if a password reset is triggered for a Google sign-In user, a password reset email IS triggered and can be used to set a Patchworks password.

This does not affect your Google sign-in, it just means you can choose to log in via Google OR by entering your email address and Patchworks password.

External access

External access via the Patchworks API is granted via API tokens. For further information, please see our API help pages.

PreviousRegistering for a Patchworks accountNextTwo-factor authentication (2FA)

Last updated