When creating a password, users usually tend to use a keyword that is easy to remember to avoid forgetting the password when logging in. The password used generally contains personal data such as name, company name, email address, or telephone number so that it can be remembered more easily. This will actually be risky for account security vulnerability because the password contains personal data that is easily accessible, causing the password to become weak.

Based on this, we have made improvements to the password security check to detect and manage password creation, to ensure that the password used is not a weak password.

For this reason, in the explanation below, we will explain the flow that you can do if the password you create is weak. Here is the explanation.

Important
Here is an example of a weak password created by an employee at a company: Employee Name: Tsubasa Ozora
Company Name: Nankatsu
Email: tsubasa.ozora@nankatsu.fc
Created password:
- NankatsuGreat!!
- CaptTsubasa10
Then, our system will provide an alert in the form of a notification that the password created by the employee is weak because it contains the company name and the employee's personal name.
- Here are the provisions for creating a password:
1. Minimum 8 characters.
2. Contains numbers.
3. There are lowercase and uppercase letters.
- Password creation requirements:
1. Must not contain email.
2. Must not contain company name.
3. Must not contain full name.
4. Must not contain telephone number.

A. Weak Password when Logging In to Account

In the following case example, there is a flow when the password for the Mekari account you created is weak. Here are the steps you can take.

1. If you have a weak password when logging in, you will be directed to the following display to reset your password. Click "Reset password" to continue.
   
2. Then fill in the email to verify the email related to resetting the password. After filling in the email, click "Continue".
   
3. Then the system will send password reset instructions to your email. Click "Back to sign-in page" to continue.
   
4. Then an email containing the password change will appear. Next, click "Reset password".
   
5. Then you will be directed to the following display. Enter a new password in the New password column and then reconfirm the password in the Confirm new password column. Please pay attention to the password creation requirements as stated in the following display. If the password is correct, click "Set new password & sign in".
   
   

   - If you use an inappropriate password, a warning sign like the following will appear stating that the password you created contains a name, username, company name, and phone number. These should not be used as passwords.
   
   -  In addition, a warning sign like the following will appear if the password you use is too common.
   

B. Weak Password when Signing in Using Employee ID

In the following case example, there is a flow when the password for the Mekari Talenta account that you created is weak when signing in using Employee ID. Here are the steps you can take.

1. If you have a weak password when logging in, you will be directed to the following display to reset your password. Click "Reset password" to continue.
   
2. Then you will be directed to the following display. Fill in the Phone number then click "Continue".
   
3. Then you will be directed to fill in the OTP code that has been sent to your phone number. Then click "Verify" to continue.
   
   

   You can also choose verification via WhatsApp by clicking "Verify via WhatsApp" or via email by clicking "Verify via email".

4. Then you will be directed to the following display. Fill in the new password in the New password column then reconfirm the password in the Confirm new password column. Please note the requirements for creating a password as stated in the following display. If the password is correct, click "Set new password & sign in".
   
   

   - If you use an inappropriate password, a warning sign like the following will appear stating that the password you created contains a name, username, company name, and telephone number. These should not be used as passwords.
   
   -  Selain itu, akan muncul tanda peringatan seperti berikut apabila kata sandi yang Anda gunakan terlalu umum.
   

C. Weak Password when Signing in for the First Time (User Invitation)

In this case, you as a new user who is registered or added to the Company on the Mekari product will receive an invitation email to Set up an account. Then, in the following case example, there is a condition when the password for the Mekari account you created is weak when Signing in. Here are the steps you can take.

1. After you receive an invitation via email, you will be directed to the following display.
   
2. If you have a weak password when logging in, you will be directed to the following display to reset your password. Click "Reset password" to continue.
   
3. Then fill in the email to verify the email related to resetting the password. After filling in the email, click "Continue".
   
4. Then the system will send password reset instructions to your email. Click "Back to sign-in page" to continue.
   
5. Then an email containing the password change will appear. Next, click "Reset password".
   
6. Then you will be directed to the following display. Enter a new password in the New password column and then reconfirm the password in the Confirm new password column. Please pay attention to the password creation requirements as shown in the following display. If the password is correct, click "Set new password & sign in".
   
   

   - If you use an inappropriate password, a warning sign will appear as follows stating that the password you created contains a name, username, company name, and telephone number. These should not be used as passwords.
   
   -  In addition, a warning sign will appear as follows if the password you use is too common.
   

D. Weak Password when Signing in via Email Invitation

Users will receive an invitation via email when they are registered by the Mekari Internal team to try Mekari products. When the user receives the invitation, they will be directed to a page to set up an account. In the following example, there is a flow when the password for the Mekari Talenta account that the user created is weak. Here are the steps that can be taken.

1. After you receive an invitation via email, you will be directed to the following display.
   
   

   - f you use an inappropriate password, a warning sign will appear as follows stating that the password you created contains a name, username, company name, and telephone number. These should not be used as passwords.
   
   -  In addition, a warning sign will appear as follows if the password you use is too common.
   

E. Weak Password when Signing up an Account

In the following example, there is a flow when the password for the Mekari Talenta account that you created is weak when signing up an account as a new user. Here are the steps you can take.

1. Click "Create a demo account" on the following page.
   
2. Then you will be directed to the Create Mekari account page. Fill in the data below. Then, in the Password column, you need to pay attention to the password creation rules. In this case, the password must not contain your name, username, company name, and telephone number.
   

   In addition, a warning sign will appear as follows if the password you use is too common.