Password administration

Every user needs a password when logging in. This password can either be stored in Haiilo, synchronized from a user directory or matched by OpenID with an external service.

Different types of passwords

You have three options in Haiilo to get your users on the platform:

  1. You create them as local users via the user directory in Haiilo Administration.
  2. You synchronize an existing user directory of your company (e.g. Azure).
  3. You import the users from a CSV file.

Locally created users, and the users that are imported via a CSV import, have a local password that is stored in Haiilo.

With the synchronization of a user directory you give the password which comes from your directory. Haiilo cannot see or overwrite this password. Here also the automated rules of your user directory take effect, how the password must look like and how often it should be changed.

Set & forgot password (user)

Each locally created user, and users imported via a CSV import, will be prompted to reset their password upon first login.

The request to change the password is made before the respective user can access his digital home. The user chooses his new password according to the set guidelines. If everything fits here, the frames of the fields turn green and the save button is clickable. If something doesn't fit here, the user also gets the message "The password is invalid" directly.


You can customize this hint with our language keys and provide your guidelines directly.

With the right permission a user can also change their current password themselves in their profile settings. The password guidelines must be observed when changing the password. Unless you have changed them, the guidelines are as follows:

  • a minimum of six characters
  • at least one number

If a user has forgotten their password, they can simply click on the button "Forgot Password?" on the login screen.

Two options for resetting the password are available:

  1. the user is sent a recovery link to their e-mail address saved in Haiilo
  2. they have the super admin contact them


Option 1: Yes, send me a recovery link

This option is for the users whose e-mail addresses are saved in Haiilo. They just enter their username or e-mail here.


You then receive an e-mail with a link to reset your password. Depending on the company’s server settings, this may sometimes take a bit longer.


  • You then only receive an e-mail if you have already been activated in the system by your administrators.
  • When resetting your password, please be sure to use the e-mail address that you used to register in Haiilo.
  • Nothing’s arrived? Please check the spam folder in your e-mail inbox. Some very restrictive spam filters often filter out these kinds of e-mails.

Option 2: No, please contact me

This option is for the users who have been created in Haiilo without a permanent e-mail address. They use a form to enter their contact details so that the super admin saved in Haiilo can then contact them.


The user immediately receives a confirmation that their contact information has been forwarded successfullyAt the same time, the super admin receives an e-mail notification that the user has requested a new password. This e-mail contains the user’s contact details and a precise description of what to do next.

The super admin manually sets a new password in the user administration of their Haiilo interface and sends this to the user or tells it to them over the phone.

Once the user logs in with their new, temporary password, they’ll receive a request to change the password received from the super admin to a password that only the user knows.

Set & forgot password (admin)

If a user is ever unable to change their password, please check the user’s permissions. To do this, go into the Administration in Haiilo and choose the role in the user administration that is assigned to the respective user. Then check in the category "Users" whether the permission to edit the user settings is activated ("Manage user profile").

As an admin you can also set a password for a user. Navigate to the administration and search for the user in the user administration. When you edit this user you can set a password in the "Password" field that needs to be aligned with your password guidelines. After the first login the user has to choose a new password themselves.


How are passwords saved in Haiilo?

The passwords of local users are stored encrypted in the database. It’s not possible to decrypt the passwords. The passwords of users from user directories are not saved. The query goes directly to the local user directory.

What can we do if the password reset does not work?

In our experience, problems can be narrowed down to these causes: 

  • Password submitted twice:
    If you have entered your new password, please only click on the login button once. The password is automatically accepted and you can log in again. Clicking a second time triggers an error message (invalid).
  • Our password requirements have not been observed: 
    We describe the precise requirements to you in a separate article.
  • Time exceeded(only applies to users with e-mail addresses saved):
    The link to reset your password is valid for one hour. If you’ve exceeded this period of time, you need to request a new link.

Was this article helpful?