Password Reset Tips for Administrators

In most cases, changing a NetSuite password is self-service. However, sometimes an administrator must change a user’s password. For example, when users forget the answers to their security questions. Administrators can use the User Access Reset Tool to assist.

Employee, partner, and vendor roles are considered non-customer center roles. Customers have customer center roles. One person could use the same email address (the NetSuite username) for both non-customer center roles and a customer center role. The system would treat these as two different users, because the information is maintained separately. Changing the password for non-customer center roles has no effect on the password of the customer center role.

In this section, see the following topics:

• Password Reset for Employees, Partners, and Vendors

• Customer Roles and Passwords

Password Reset for Employees, Partners, and Vendors

There are several methods for resetting an employee, partner, or vendor password.

• Self-service password reset – On the NetSuite login page, a user can click Forgot Your Password? link. The user will receive an email with a link to reset the password. The link in the email will expire after 60 minutes. See Getting Access When You Forget Your Password for information for users.

• Administrator–initiated password reset:

  Important:

  An administrator must have access to all of the accounts to which a user has access to change that user’s password.

  • The User Access Reset Tool helps administrators assist users who are unable to reset a password, update security questions,

    or change their device for two factor authentication. You can also reset a user locked out of NetSuite after submitting five consecutive incorrect passwords.

  • Alternatively, you can initiate a password reset on an employee, partner, or vendor entity record. See Changing a User’s NetSuite Password.

Customer Roles and Passwords

There are two ways to create customers:

• When an administrator (or any user with the necessary permission) creates a Customer record in NetSuite and assigns a user a customer center role.

• Visitors to your website can register an email address and create a password. This action creates Lead record in your NetSuite account. Lead and Prospect records can be converted into Customer records. See Automatic Reset of Customer Passwords for more information.

Automatic Reset of Customer Passwords

Not all users registered on your website remain active, logging in again or purchasing items. These less-active users may forget their login name and password. These long-abandoned passwords are automatically reset. Passwords that are automatically reset are associated with website customers who meet either of the following criteria:

• The website customer has not logged in within the previous three years.

• It has been more than 90 days since the customer registered a login name and created a password, and the customer never logged in again.

• The website customer has not logged in within 30 days after their password was changed.

The customer, lead, or prospect record is retained in your NetSuite account. Only the existing password is removed from the record. Users whose passwords have been reset may still attempt to log in. These users will receive an error message that their password has expired.

Password Reset for Customers

There are several methods for resetting a customer’s password.

• Self-service password reset:

  • If the Customer Access feature is enabled in this account, a user can click Forgot Your Password? link on the NetSuite Customer Center login page. The user will receive an email with a link to reset the password. The link in the email will expire after 60 minutes. See Types of Login Pages for Your NetSuite Account and Creating Custom Pages for Login to Your NetSuite Account for more information.

  • On a website login page, customers can click Forgot Your Password?. The customer will receive an email with a link to reset the password. The link in the email will expire after 60 minutes. For more information, see Web Store Password Recovery Email Messages.

• Administrator–initiated password reset – This is similar to the initial password setup when the Customer record was created. For instructions, see Changing a User’s NetSuite Password.

Password Requirements for Customers

• As of 2020.1, the following requirements apply to customer passwords:

  • The minimum password length for customers is eight characters.

  • Easy to guess or potentially compromised passwords are prohibited.

• Other password policies and requirements for access to the NetSuite UI do not apply to customers:

  The value set in the account for the Password Expiration in Days field does not apply to customer passwords. However, customer passwords are automatically reset. See Automatic Reset of Customer Passwords for more information.

Related Topics

• Password Requirements and Policies in NetSuite
• NetSuite Password Requirements
• PCI Compliance Password Requirements
• User Access Reset Tool
• Password Changes Are Logged in System Notes on Entity Records

General Notices