Required After First Login: space to indicate items required after first login. By requiring users to provide these items, they will be able to reset their own passwords without assistance should they forget the password in the future.
Two-Factor Authentication: allows for the configuration of two-factor authentication and when it is required. The recommended setting for this is to make 2-factor authentication optional and to only require authentication for portal account changes.
Password Requirements: this area allows for the specification of password requirements for logins. This information can be pulled straight from the questionnaire.
Prohibited Security Text for Participant Users: this area allows for certain phrases and items to be prohibited from both passwords and email. This is most commonly used to prevent users from entering poorly-formed passwords (ex. "password" or "12345678") as well as to limit email addresses such as work email. By preventing users from entering their work email, it will be easier to communicate with participants after termination of employment (where the work email address is no longer valid).
To enter multiple phrases, enter a semi-colon between each phrase.
Message Displayed for Denial of Portal Access: If the portal is ever shut off for a sponsor, this box allows for a custom message to be displayed when users try to log in. This is of course not applicable for new plan setup and can therefore be ignored here.
