This article describes the requirements your Personio password must meet.
To activate your account, you will receive an invitation e-mail from Personio. Follow the link in this mail, then sign in with your e-mail address and set your individual password.
General password requirements
To ensure that your password meets a high security standard, it must satisfy the following requirements:
- It must contain a minimum of 8 and a maximum of 128 characters
- It must contain at least one number
- It must contain at least one special character
- It must contain at least one letter
- It must not contain your own name
In addition, please note:
- Passwords and login information should always be stored in encrypted form; it is best to use a password manager.
- Passwords should never be entered via copy/paste.
- Your Personio account will be blocked after three failed login attempts. You can find out how to reactivate a user account after it has been blocked here.
- When changing your password, you cannot reuse a password you have used before.
- Passwords can be changed a maximum of three times a day.
To make your employees' logins even more secure, 2-factor authentication can be activated under Settings > Employee Roles > Security for various employee roles. In addition to the e-mail address and password, a six-digit token generated on the smartphone is then required to log in.
Additional password settings
Since the information stored in Personio contains sensitive personal data, we recommend you limit the password validity of all employees to 90 days for additional protection.
Navigate to Settings > Authentication > Password configuration. Select the checkbox that forces your employees to change their Personio password every 90 days, then click Submit. Each employee will be notified 10 days before the deadline.