How To: Configure Password Settings


Creating a strong, unique password is essential for keeping your account secure. Commit your password to memory and never share your password with anyone, even another clinician or your Practice Administrator. If you ever feel like your password could be known to another person, change it immediately. If you forget or lose your password, contact your Practice Administrator and read Lost or Forgotten Password for more information.

To protect your records and help your practice maintain HIPAA compliance, TherapyNotes requires secure passwords. All TherapyNotes passwords may include lowercase and uppercase letters, numbers, symbols, and spaces and are subject to the following requirements:

  • Must not contain your practice code, username, first name, last name, or email address
  • Must not contain three consecutive characters (for example, "111" is not allowed)
  • Must not start or end with a space
  • Must not contain two consecutive spaces

When your practice uses the default password settings, the following rules apply to each user's TherapyNotes password:

  • Contains at least 10 characters
  • Includes at least one lowercase letter (a-z), uppercase letter (A-Z), number (0-9), and symbol (for example: #, !, %, &, *)
  • Must be changed every 120 days
  • Users may not reuse any of their previous 10 passwords

Our default password settings reflect our recommended minimum security standards.

Role Required: Practice Administrator

To configure your practice's password settings:

  • Click the User Icon > Settings > Security


  • Under Password Settings, edit the minimum password length, character requirements, password expiration period, and previous password restrictions as desired
  • If your security settings do not meet our minimum security standards, a warning will appear at the bottom of the page. Edit your settings to comply with our minimum security standards or select the I understand the risks and want to use these settings anyway checkbox.
  • Click the Save Custom Security Settings button
Have more questions? Submit a request


  • Avatar
    Abby Stein

    Hi how do I add an administrator for my billing.

    How does she get a password...

    How do I delete current administrate

    That's in advance...abby

  • Avatar
    Abby Stein

    Abby stein

  • Avatar


    To learn how to add a practice administrator read the "Staff User Accounts" section of this article:

    Once you save the new staff user account a temporary password will pop up. Write down the password; it is case sensitive and does include the dashes. Give the new staff user the username, password, and practice code.

    To get rid of the current administrative staff user, click STAFF at the top, click on the person's name, go to the Information tab. Click anywhere on the User Information box to open it for editing. Change the "Status" drop down box to "Inactive". Click the green "Save Changes" button.