During Narmi Banking enrollment, users must create a username and password to access their account. This section describes the requirements and password validators we use to ensure the creation of strong passwords.
Note: There is no default expiration of a user's password. We do not prompt users to change their passwords after a given number of days.
For troubleshooting username and password issues, go to Username and Password Issues.
Username and Password Requirements
Usernames must be less than 150 characters and may contain letters, numbers, or any of the following special characters: _, @, +, ., -. Usernames are not case-sensitive. User passwords can be 4,096 characters or fewer in length. Your institution can configure a minimum username length in Narmi Command under Configurations > Institution Settings > Minimum Number of Characters for Usernames. The default minimum is one character.
The default minimum password length is 8 characters, but this can be configured to a different length for your financial institution. We highly recommend a minimum password length of at least 10 characters. To configure the minimum password length or any other password conditions, contact support@narmi.com.
Password Validators
By default, we apply the following password validators:
User similarity – Ensures that the password is not too similar to the user's username, first name, last name, or email
Common password – Ensures that the password is not in the 20,000 most common passwords
Numeric password – Ensures that the password is not entirely numeric
Each password validator provides help text to explain the requirements to the user, validates a given password, and returns an error message if it does not meet the requirements.
Additional Password Conditions
Each financial institution can set its own requirements for the parameters below. Minimum requirements can be set for each character that is expected to occur within a password. To configure any of the following password conditions, please contact support@narmi.com.
Password number minimum – Validates whether the password meets the minimum number count required during the password generation
Password uppercase letter minimum – Validates whether the password meets the minimum amount of uppercase letters required during the password generation
Password lowercase minimum – Validates whether the password meets the minimum amount of lowercase letters required during the password generation
Password symbol minimum – Validates whether the password meets the minimum number of symbols required during the password generation
Changing Passwords
Users can change their password from the Profile tab of Settings on the web app or My accounts on the mobile app. After changing their password, they will remain logged in to Digital Banking on the device they used. Additionally, the user is logged out of any other devices they used before the password change and will be automatically redirected to the login screen.
Once a user changes their password, we send an acknowledgment email notification and/or SMS text message to the email address and/or phone number associated with their user profile. The user also receives a push notification if push is enabled on their device. Your institution can customize the text used in the SMS text message that gets sent. To do this, please contact your Narmi Relationship Manager.
To enhance security when changing passwords, you can enable Elevated Authentication, which requires users to complete two-factor authentication (2FA) to verify their identity for critical actions. Additionally, your institution can configure the duration for which users remain in Elevated Authentication Mode before they are required to authenticate again. For users who have biometrics set up on their mobile device, elevated authentication can be configured to use biometric verification instead of 2FA. For more information, go to Elevated Authentication.