How To: Configure Password Settings

Creating a strong, unique password is essential for keeping your account secure. Commit your password to memory and never share your password with anyone, even another clinician or your Practice Administrator. If you ever feel like your password could be known to another person, change it immediately. If you forget or lose your password, contact your Practice Administrator and read Lost or Forgotten Password for more information.

To protect your records and help your practice maintain HIPAA compliance, TherapyNotes requires secure passwords. All TherapyNotes passwords may include lowercase and uppercase letters, numbers, symbols, and spaces and are subject to the following requirements:

• Must not contain your practice code, username, first name, last name, or email address
• Must not contain three consecutive characters (for example, "111" is not allowed)
• Must not start or end with a space
• Must not contain two consecutive spaces

When your practice uses the default password settings, the following rules apply to each user's TherapyNotes password:

• Contains at least 10 characters
• Includes at least one lowercase letter (a-z), uppercase letter (A-Z), number (0-9), and symbol (for example: #, !, %, &, *)
• Must be changed every 120 days
• Users may not reuse any of their previous 10 passwords

Our default password settings reflect our recommended minimum security standards.

To configure your practice's password settings:

• Click the User Icon > Settings > Security

• Under Password Settings, edit the minimum password length, character requirements, password expiration period, and previous password restrictions as desired
• If your security settings do not meet our minimum security standards, a warning will appear at the bottom of the page. Edit your settings to comply with our minimum security standards or select the I understand the risks and want to use these settings anyway checkbox
• Click the Save Custom Security Settings button