Skip to content

Changing Your Password

Synderys requires strong passwords to protect organizational resources. This guide explains how to change your password and the rules your new password must follow.

Password Policy

Before choosing a new password, review the following requirements:

Rule Requirement
Minimum length 14 characters
Maximum age 60 days — you will receive a reminder 7 days before expiry
Complexity Must include at least three of: uppercase letters, lowercase letters, numbers, and special characters
History Cannot reuse any of your last 10 passwords
Breach check Your password is checked against the Have I Been Pwned (HIBP) database of known breached passwords — any password found in a breach will be rejected

What to expect

The HIBP check happens automatically when you submit your new password. Your actual password is never sent to an external service — Synderys uses a secure partial-hash lookup (k-anonymity) that keeps your password private while still checking it against billions of known compromised credentials.

How to Change Your Password

  1. Sign in to your account at https://auth.synderys.com.

  2. Click your profile icon in the top-right corner and select Settings.

  3. Navigate to the Password section and click Change Password.

  4. Enter your current password in the first field.

  5. Enter your new password in the second field. A strength indicator will show whether your password meets all requirements.

  6. Enter your new password again in the confirm password field.

  7. Click Save to apply the change.

What to expect

After saving, you will see a confirmation message and be signed out of all active sessions. Sign in again with your new password. Your MFA enrollment is not affected by a password change.

When Your Password Expires

Passwords expire every 60 days. Here is what happens:

  • 7 days before expiry: You will see a notification banner when you sign in, reminding you to change your password.
  • On expiry day: After signing in with your expired password, you will be redirected to the password change screen before you can access any applications.
  • After expiry: You can still sign in — the system will simply require you to set a new password before proceeding.

Tips for a Strong Password

  • Use a passphrase — a sequence of four or more random words is both strong and easy to remember (for example, "correct horse battery staple" style phrases).
  • Use a password manager to generate and store complex passwords securely.
  • Never reuse passwords from other websites or services.
  • Never share your password with anyone, including IT staff — Synderys administrators will never ask for your password.

Troubleshooting FAQ

Q: I get "Password has been found in a data breach" when I try to set my new password. : This means your chosen password appears in a public database of compromised credentials. Choose a different password. Using a password manager to generate a random password is the easiest way to avoid this.

Q: I get "Password does not meet complexity requirements." : Ensure your password is at least 14 characters long and includes at least three of the four character types: uppercase letters, lowercase letters, numbers, and special characters.

Q: I forgot my current password and cannot access the change password screen. : See Account Recovery for instructions on resetting your password.

Q: My password expired while I was on leave. Is my account locked? : No. Sign in with your expired password and you will be prompted to create a new one before accessing any applications. If you have forgotten your password, use the account recovery process.

Q: I changed my password but I am still signed in on my phone. : All sessions are terminated when you change your password. If an application on your phone still appears active, close and reopen it — you will be prompted to sign in again.