Security Management
      Back to home
      1. Knowledge Base
      2. Account & General Setup
      3. Security Management

      What is raisin's Password Policy?

      For secure sign-on, all accounts for administrators and constituents must adhere to username and password requirements.

      Effective: February 26, 2020


      Charity staff and constituents may create user accounts on raisin to access and interface with the role-based fundraising tools the system provides. For secure sign-on, all accounts for administrators and constituents (i.e. participants) must adhere to specific username and password requirements. Our password policy is designed to the security of your information and your users' information in mind. 

      All usernames and passwords entered or modified on the system must be sufficiently complex, meeting the following requirements:

      • Unique username 6-20 characters in length
      • Password 8-20 characters in length
      • At least one uppercase character
      • At least one lowercase character
      • At least one numeric character
      • At least one non-alphanumeric character (symbol)

      All passwords are encrypted.

      User Passwords in Admin Console

      Credentials must be these specifications in the following areas of raisin Admin:

      Admin Users/Groups

      Administrator accounts are managed by System Administrators only. In addition to a complex password, new or modified administrator accounts require the administrator making the update to enter their own password in order to authenticate the change. 

      KB4-1

      raisin employs two-factor authentication for all administrators on log in. Two-factor authentication is an ideal way to ensure that your account and account data is secure, as it verifies a user logging into your raisin account with both a unique password and another device directly associated with them. A a code will be sent to the email address associated with the administrator's username and to log in, the user must successfully enter the code they receive.

      Manage Users

      Creating or updating fundraisers from Manage Users will adhere to these requirements.

      KB5-2

      Front-End Users

      During front-end registration, passwords that do not meet the policy requirements will be validated will the following message to ensure their account is adequately protected. All passwords are protected by strong encryption.

      KB6

      Password Reset

      Event constituents (participants and event purchasers) may also reset their password directly from the event site following the prompts to reset their password from the Login or Register page. 

      Payment Accounts

      When creating your payment account or PayPal account in General Setup, credentials are generated by your gateway. After the gateway is saved, Passwords, IDs and Keys will be dashed. The credential can be temporarily exposed by selecting the Show/Hide icon.

      Payment Account

      KB1-1

      PayPal

      KB2-2