Configuration Manager - Commerce - Password Invalidation

Use the Password Invalidation panel of the Configuration Manager to enable or disable the password invalidation feature.

Note: To use the password invalidation security feature, you need to define the ChangePassword view for your store as described in Password invalidation.

When enabled, password invalidation forces WebSphere Commerce users to change their password if the user's password expired. Users are redirected to a page where they have to change their password. Users are not able to access any secure pages on the site until they update their password.

Enable: When the check box is selected, the password invalidation feature for your instance is invoked. This feature is enabled by default.
Apply: Applies your changes to Configuration Manager.

Upon successfully updating the configuration for your instance, a message displays to indicate a successful update.

Note: You need to stop and then restart the WebSphere Commerce Server instance after you apply your changes.

For more information, see Authentication policies.