Forgot Password
Agenda
1. Overview
2. Forgot Password Process
3. Password Policy
4. Process Flow with Screenshots
• In case user Forget his/ her Sign In password then he/she can follow the path/methodology described in this Manual to get a new password so as to Log In the Application .
• OTP will be send to mobile number updated in employee records and to @esic.nic.in domain email.
Version 5.1 Last Revised On : 01-01-2021 3
Overview - Forgot Password
1. The User clicks on Forgot Password link on home page.
2. The system displays a message containing following information:
a) Enter the user name on the account, capture the Captcha and then select ‘Submit’.
b) OTP will be sent to Mobile Number and email registered.
c) Check your mail inbox for a password reset email.
d) If User doesn’t see the email in his/ her inbox:
▪ Check user has to check whether official e-mail id has been registered by the competent authority in the Panchdeep Modules
▪ If mail not received then check Spam/ Junk folder
▪ Make sure email address: [email protected] is not blocked or make sure all emails from this email are always delivered
▪ If that still does not work, contact your authority or the authorised Nodal Officer of your office/ State.
3. The system prompts the actor to enter the ‘User Id’ & text verification code and then click the “Forgot Password”.
Forgot Password Process
4. If the entered user-id exists in the system, system will trigger an OTP via email (in case email id is specified in User profile) and SMS (in case mobile no is specified in User profile).
5. 8 digits alphanumeric OTP (Number, Uppercase, Lowercase) should be generated.
6. Validity of received OTP is 15 mins.
7. Resend OTP link will be enabled after 15 mins and new OTP will be generated.
8. OTP expiry threshold in case of the wrong OTP - (Five consecutive unsuccessful attempts), Send OTP link will get enabled post OTP expiry after 5 unsuccessful attempts or 15 mins whichever is earlier.
9. If the user clicks the forgot password multiple times during this 15 mins period, the system should pop-up message that OTP has already been sent on your registered mobile number 9********59 and /or e-mail id x*********[email protected]
10. After OTP Verification the system prompts the user to enter New Password & Confirm Password.
Version 5.1 Last Revised On : 01-01-2021 5
Forgot Password Process
The following password requirements will be considered for accessing sensitive services – 1. Your Password must be at least Eight characters and at most Sixteen characters long.
2. Minimum complexity Requirements for the Password:
• One Lowercase alphabet
• One Uppercase alphabet
• One Numerical value
• One Special character / symbol such as !_@#$%^&*(){}[]
• Passwords can’t contain the user name or parts of the user’s full name, such as their first name.
3. Ma
ximum password age – 90 Days & minimum password age – 1 day.
4. Account lockout threshold - (Five consecutive unsuccessful attempts).
5. Account lockout duration– (4 Hours).
6. User can reset password in case of Account Lockdown by Forgot password provision.
7. E-mail notification will be triggered to the user in case of an attempt of the wrong password by any other user if attempted wrong password for 3 or more times. Email notification will trigger to all users before 7 days of password expiry.
Password Policy
Version 5.1 Last Revised On : 01-01-2021 7
1. Password must Contain at least one uppercase letter, at least one lowercase letter, at least one number, at least one special character.
2. When changing your account password, the new password must meet the Strong or Very Secure minimum requirements.
3. It must be different than your account username.
4. When changing your account password, the new password cannot match the last five passwords used on the account.
5. You shall need to Change password every 45 days.
Password Changing Tips
1. Use a longer password. Longer passwords are generally more secure than shorter passwords.
2. Mix, match, and replace letters for numbers or special characters (such as using '@' for 'a’).
3. Avoid commonly used passwords and password variations (such as 'password12!' or 'admin123!’).
4. System won’t accept words in password like ‘esic’, ‘esi’, ‘password’, ‘admin’.
5. Avoid using passwords that match well-known information about yourself (such as your last name).
6. Make your password memorable so that you do not have to save it into your browser. Anyone with direct access to your computer can locate your saved password.
How Can you Create A Secure Password?
Version 5.1 Last Revised On : 01-01-2021 9
Forgot Password Process Flow
Employee need to visit Login page myesic.esic.in/ gateway.esic.in
Click on Forgot Password
Version 5.1 Last Revised On : 01-01-2021 11
Forgot – Password Screen
Forgot – Password Screen
1. Enter User ID/User name in Text Box 2. Enter Security Text
in Text Box here
3. Click on Next
Version 5.1 Last Revised On : 01-01-2021 13
Forgot – Password Screen
Click on Ok
Forgot – Password OTP Screen
Version 5.1 Last Revised On : 01-01-2021 15
Forgot – Password – OTP on Mobile Phone
Forgot – Password – OTP on e-mail
Version 5.1 Last Revised On : 01-01-2021 17
Forgot – Password Screen
1. Enter OTP in Text Box
2. Enter Security Text in Text Box here
3. Click on Verify
Forgot – Password Screen
1. Enter New Password of your choice in Text Box
2. Confirm New Password of your choice in Text Box
Version 5.1 Last Revised On : 01-01-2021 19
Forgot – Password Screen
Click here to view entered new password
Forgot – Password Screen
Click here on Submit to generate new Password Click here on checkbox
Version 5.1 Last Revised On : 01-01-2021 21
Forgot – Password Screen
Click on either link to login in Panchdeep application
Login page myesic.esic.in/gateway.esic.in
1.Enter User Name in Text Box
2. Enter New Password in Text Box
3. Click on Log In
Version 5.1 Last Revised On : 01-01-2021 23
