Summary
Under some circumstances, a user may become locked out of their Apricot account until it is unlocked by following specific steps in order to verify their identity.
This article describes how to lift this account lock effectively and quickly in order to regain access.
The "Why"
Apricot includes a security feature that may temporarily lock a user's account in order to maintain the security of your Apricot database.
This helps prevent malicious attempts to access your organization's sensitive information that is stored in Apricot.
A user lock-out may be triggered for 2 reasons
The user input their credentials incorrectly 5 times or more without successfully logging in
The user did not log in for greater than 30 days
Unlocking a Standard User's Account
The user lock-out on a standard or guest user can only be lifted by using the "Forgot Your Password?" link on the log-in page. This will prompt the user to confirm their username (email) so that an automated email can be sent to guide the user through creating a new password in order to lift the account lock. Please note: the account lock will not be lifted if the user chooses to use the same password that is currently assigned to their account - a new password must be created.
**IMPORTANT NOTES**
If an admin manually changes the password on the standard user's record, this will NOT lift the account lock.
If a standard user does not have access to the email being used as their username, they will need to have an administrator change their username to an email they can access in order to reset their password and regain access to Apricot. There is no exception to this rule for standard users. The username can be changed back (by an administrator) after access is regained if desired.
Once on the password reset screen, users will be timed out after 60 seconds if no changes are saved in this time. The user can hit the "continue" button on the timeout message, or they can log in again in order to return to the same password reset screen.
Unlocking an Administrator's Account
If the locked user is an administrator, the lock will only be able to be lifted by another administrator visiting the effected administrator's user record, checking the box "Force Password Reset," and saving the record.
Navigate to the administrator tab
Navigate to the Access Control category, then click it to reveal the contained options
Click "Users"
From here in the Users list, you will choose the administrator account that you are attempting to unlock.
Once in the user's record, you'll need to click on "Edit Users" in order to edit their record of the Users form.
Click on the "Force Password Reset?" checkbox
If the administrator in question is unsure of their current password, you can use the "Change" button next to "Password" to assign them a temporary password in order to regain access, at which point they will be forced to create a new password in order to lift the lock. NOTE: Even if you change the user's password here, the "Force Password Reset?" button will still need to be checked in order to lift the account lock.
Make sure to save the record. If you miss this step, the user record will not be unlocked.