The wMobile Password Management has been updated, in large part for compatibility with GoldMine 2018.2. As many of you know, the GoldMine 2018.2 release contained many programmatic changes related to data security. wMobile 220.127.116.113 and above are compatible with GoldMine 2018.2. However, if you’re not on a version of wMobile 4.1, we’d recommend that you upgrade wMobile. You can access the wMobile 4.1 update on the Demos and Downloads tab of our wMobile product web page.
Starting with GoldMine 2018.2, GoldMine will now be storing passwords in proper case. Previously these were stored in all upper case, so as to be case-insensitive. After the GoldMine upgrade, all users will need to log into GoldMine (or wMobile) using their existing passwords ALL IN CAPS, and then change their passwords. Password complexity settings can be configured, but going forward password requirements will likely include 1 upper case letter, 1 lower case letter, 1 digit/number, one special character, and a length requirement.
Once wMobile detects GoldMine 2018.2 version, it starts to verify the password weakness at login time. If it doesn’t respect the password complexity requirements, the user is prompted to change it.
In wMobileDesktop, the user would be presented with this page, if they have not already logged into GoldMine and updated their password.
In wMobile Phone, a user would be present with the page below, if they have not already logged into GoldMine and updated their password.
GoldMine does give existing customers the option not to adopt the new password complexity requirements. (New installations of GoldMine will not have a choice.) If a customer has upgraded to GoldMine 2018.2 but has kept their previous password policy, there is an option in the wMobile Manager Console to choose whether or not to enable the GoldMine password complexity rules.
Open the System Settings in the wMobile Manager Console.
Navigate to Configuration > Common > Security > AccountPolicies > PasswordPolicy
Set EnablePasswordComplexityRules as False, if you have maintained an old password security policy in GoldMine.
While we always recommended that users have GoldMine/wMobile passwords, we did not programmatically require a password if your GoldMine security policy allowed it. Having a password will now be required, regardless of GoldMine version. If a user had a blank password, they’ll be provided an opportunity to change their password.
When GoldMine passwords are changed, existing One Click logins will no longer work. (They contain the username and password in an encrypted format.) Users will need to remove old One Click Logins for wMobile Phone and/or Desktop and recreate them.
We have updated our blog posts on creating One Click Logins at the links below: