Passwords

To log in to Tungsten AP Essentials, you need a password.

For security reasons, you are automatically logged out of AP Essentials after 30 minutes of inactivity.

Minimum password requirements

At least 15 characters long (leading and trailing spaces are not allowed).
A combination of at least one uppercase and at least one lowercase letter.
At least one character that is not a letter.
Commonly used passwords are not allowed. For example, you cannot use "Password1" or "Qwerty123". If you try to change your password to a commonly used password, a dialog box appears to prevent you from doing so.

Recommended password requirements

At least 20 characters long (leading and trailing spaces are not allowed).
A combination of at least two uppercase letters and at least two lowercase letters.
At least two characters that are not a letter or a number.

You can change your password at any time by logging in to Tungsten AP Essentials, selecting your user name in the top menu, and selecting Change password. When you change your password in Tungsten AP Essentials Office or Admin Center, you are automatically logged out of other sessions that are present in web browsers other than the current browser.

If you lose your password, select Forgot password on the sign-in page and type your user name in the dialog box that appears. An email is automatically sent to the email address associated with your account. The email contains a link to a page where you can reset your password. The link is valid for only 3 days. If you do not use the link before it expires, you can select Forgot password to obtain a new link. The password is not reset until you use the link and manually reset it yourself. If you remember your password after you receive the email, you can still use your password to log in.

You have five chances to enter the correct password when logging in. If you enter the wrong password more than five times, your account is locked and your password must be reset by an administrator.

If you need to reset the password for a user who uses Tungsten AP Essentials Connect, we recommend that you stop the Windows service named "Tungsten AP Essentials Connect" before changing the password. Tungsten AP Essentials Connect runs silently via this service and logs in every 30 minutes. Therefore, if you change the password without stopping the service, the user is eventually locked out for using the wrong password.

Automatic pausing of inactive accounts

To reduce security risks from unused accounts, the system automatically pauses users who have not signed in for an extended period.

By default, accounts are paused after 90 days of inactivity. This applies to users who sign in with passwords. Users who authenticate using single sign-on (SSO) or who have two-factor authentication (2FA) enabled are excluded from this process.

How it works

Inactivity evaluation

The system regularly checks for users who have not signed in for 90 days.
Advance warning

Two weeks before the account is paused, the user receives an email with the scheduled pause date. This gives the user time to sign in.
Account pausing

If the user does not sign in before the deadline, the account is automatically paused.
Sign-in attempt after pausing

If a paused user attempts to sign in, access is denied and the user receives an email explaining that the account is paused and must be resumed by an administrator.

Restoring access

Customer and partner administrators with the Manage accounts or Manage user accounts privilege can resume paused users in Admin Center.

Note

Automatically paused accounts are managed separately from accounts that administrators disable manually.
Existing disabled accounts are not affected by the inactivity process.
A paused account must always be resumed by an administrator; access is not restored automatically.