Password Requirements FAQ
Q: What are the requirements for my new password?

A: The password requirements are as follows:

  • Passwords cannot contain reference to your own identity (e.g., password should not contain your name or a portion of your name).
  • Passwords cannot be similar to previously used passwords.
  • Passwords cannot contain or consist of commonly-used passwords (e.g., easy to guess, password as a password).
  • Passwords cannot have more than 2 repeated characters.
  • Passwords must have a minimum of 5 unique characters.
  • Passwords must be between 8 and 255 characters.
  • Passwords must contain at least 1 special character.
  • Passwords must contain at least 1 numeral.
  • Passwords must contain at least 1 capitalized letter.
  • Passwords must contain at least 1 lower-cased letter.
Please note the following also:
  • 6 prior passwords will be maintained in the password history count for a maximum of 365 days.
  • Passwords will expire every 182 days.
  • Passwords can be changed after 1 day.
  • Accounts will lock after 5 failed password attempts.
Q: For how long will I be able to bypass registration?

A: We encourage you to take care of your new registration at your earliest convenience. However, to best serve our customers, we will enable registration bypass for 30 days.

Q: Why is my bookmark/shortcut or App not working?

A: The website was changed from to, please navigate to through your web browser before updating any bookmarks or shortcuts.

Q: I access more than one KorWeb account. Do I need to register all accounts?

A: Yes! You will need to register each KorWeb login (operator, password, and customer ID) for each account.

Q: Why can’t I navigate to

A: Some security policies require whitelisting URLs to ensure secure access to external sites. Ensure that your company has whitelisted

Q: What happens if a user skips registration, logs into KorWeb, and clicks Edit Profile or Change Password?

A: The user will be redirected the IAM-Login page and will be asked to log in. This will give the user another opportunity to register for IAM. If they do not want to and the skip registration flag is still enabled they may skip registration once more and be redirected to KorWeb Classic and log back in.