As an Enterprise level security feature, Administrators can require users to periodically reset their passwords. Password reset intervals and complexity are based the organizations password policy parameters set by the admin (see link for more info). When a user’s password expires, both the user and administrator are notified via email (see image below). To reset the password, the user will need to login via the web portal where they will be prompted to enter their new password.
When logging in via FTP, FTPeS, or SFTP, the user will receive a standard login error message. Administrators can look up reports of login_failure events to determine whether it was due to an expired password:
– Event Detail: login_failure
– Status: 328
– Description: Failed login – expired password
The user will then require to login via web browser to reset their password (see step below).
When logging in through web browser using the expired password, the user will be prompted to create a new password that must meet the password policy requirements set by an administrator.