All Collections
Apricot 2023 Release Notes
Apricot Password Update | September 28th and October 27th
Apricot Password Update | September 28th and October 27th
Updated over a week ago

To enhance Apricot security, we are implementing stronger password requirements.

US and CA - As of September 28, every US and CA-based Apricot user will be asked to change their password upon their next login.

AUS - Beginning the morning of Friday, October 27th, every AUS based Apricot user will be asked to change their password upon their next login. The deployment will take place around 1 PM CT (5 am AEDT) on Thursday, October 26th. There will be no downtime, but users may see the password update after this time.

Upon providing their previous username and password, users will be required to create a new password that adheres to our enhanced security standards:

  • Password length: 12 characters minimum

  • At least 1 uppercase letter

  • At least 1 lowercase letter

  • At least 1 symbol

  • At least 1 number

  • The last 24 passwords cannot be reused

  • Passwords must be reset at least every 365 days

In cases where your Apricot instance has password security settings below our minimum requirements, they will be automatically overridden.

If your Apricot instance already meets or exceeds our minimum standards, users will still encounter a mandatory password reset. This is because we do not store passwords in our system and need users to reset passwords to ensure compliance with the new standards.

This update will ensure Apricot data continues to be protected by industry leading standards

If you forget your current Apricot password (at any point) the Forgot Password link will allow users to receive an updated password that meets the new password requirements. It is always best practice to update your password after a password reset in user preferences.

Please note that Single Sign-On (SSO) logins will remain unaffected. If Multi-Factor Authentication (MFA) is in use, users will be prompted to update their passwords after the initial authentication.

We appreciate your cooperation and support in this endeavor. If you have any concerns about this upcoming change, please do not hesitate to reach out to our support team over chat or at apricot@bonterratech.com.

Thank you,

Apricot Support


Frequently Asked Questions

  1. Will the password reset/requirements impact Connect users?

    No, at this time, Connect users will not experience any password reset requirements or changes.

  2. Will the password reset/requirements impact Guest users?

    If guest users are setup within your organizations IDP and SSO setup in Apricot, they will not experience a password reset.

    If their Guest users are not in your organizations IDP and are not setup to use SSO login, they will need to reset their password.

  3. Can my organization be excluded from this update?

    No, all Apricot organizations will be impacted by this change on September 28th.

  4. What happens if I cannot access Apricot to reset my password?

    Every Apricot user will be asked to change their password upon their next login.

    Upon providing their previous username and password, users will be required to create a new password that adheres to our enhanced security standards.

    If you forget your current Apricot password (at any point) the Forgot Password link will allow users to receive an updated password that meets the new password requirements. It is always best practice to update your password after a password reset in user preferences.

  5. I would like to provide feedback about password requirements in the future.

    Our support team would be happy to accept any feedback or questions related to this change in Apricot. Chat with our team or email us at apricot@bonterratech.com.

    For formal feedback to our product team regarding future enhancements, we recommend you enter and upvote an Idea in the Ideas Portal.

  6. How can I create a password that meets the requirements?

    If you need assistance generating a new password, we recommend using a password generator like LastPass. You can easily generate and copy the password.

    Otherwise, try to build a password that is easy for you to remember, but hard for others to guess.

  7. What will this experience look like for my end users?

    Users will be guided through the password reset like the image below. They will be requested to enter their previous password, their new password, and a confirmation of the new password.

  8. How can my users get login support on the password update day (or after)?

    When users encounter the password reset screen, they still have access to the support bubble. Chat in with issues.

    You may also email apricot@bonterratech.com if you are having trouble logging in and we will work diligently to get your users in to the system.

  9. How does Apricot refrain from storing passwords but still know if I am using one of the previous 24?

    Apricot uses a hash code as a 'secret language' that a computer uses to hide important information, like the values of your password. If you were resetting your password and type in an old value, a previous hash value will be produced resulting in an error.


    This way, even if someone were to somehow access the stored codes, they wouldn't be able to figure out your actual password. Hash codes help keep your information safe and secure online.

Did this answer your question?