Cloud Password Reset Notification

Document created by user.zL0FB6L9lN Expert on Apr 18, 2016Last modified by user.zL0FB6L9lN Expert on May 3, 2016
Version 2Show Document
  • View in full screen mode

Information for End Users

 

Why did I receive a Password Reset Notification?

 

You have received this notification because your Mimecast Cloud password has been reset.

 

What should I do now?

 

If you performed or were expecting this change then no further action is required.

 

If you did not perform or were not expecting this change contact your IT administrator / help desk immediately so they can investigate this for you.

 

Information for Administrators

 

If one of your users has contacted you after receiving a password reset notification and the change was not expected, you should assume that the user’s account has been compromised. In this scenario you should take action to protect the account as soon as possible. Mimecast offers a number of functions to help with this. Consider:

 

Resetting the User's Password yourself

 

  1. Login to the Administration Console
  2. Navigate to the user settings page for the user (Directories | Domains | yourdomain.com | auser@yourdomain.com)
  3. Set a new password. Consider using the force change at logon setting so the user can change the password the next tome they login.
  4. Select Save and Exit to apply the change.

Reset Password.png

 

Changing the password will revoke all active sessions for the user effectively removing access from any unwanted malicious users.

 

Disabling the User

 

  1. Login to the Administration Console
  2. Navigate to the user settings page for the user (Directories | Domains | yourdomain.com | auser@yourdomain.com)
  3. Select the account disabled option.
  4. Select Save and Exit to apply the change.

 

Disable Account.png

 

This will prevent the user accessing the account immediately until such a time the account is reenabled.

 

Enabling 2 Step Authentication

 

2 Step Authentication adds an additional layer of protection to your user’s Mimecast accounts by requiring a password and a one time access code to login. Learn more in the 2-Step Authentication Overview.

 

Enforcing Permitted Login IP Ranges

 

Mimecast offers granular options to secure all authentication attempts using the source IP address of the connecting user. When this feature is enabled, Mimecast only accepts authentication attempts from administrator defined IP addresses. All other attempts are blocked.

 

Resetting Passwords in Other Systems

 

Resetting the user’s Active Directory password and any passwords they have for other IT sanctioned applications. If the Mimecast account has been compromised it is possible that other systems have been impacted too.

1 person found this helpful

Attachments

    Outcomes