Product Update: Enhanced Login Security (Password-Based Authentication)
Overview
This release introduces updates to login authentication in OmegaAI and Blume, focused on improving security, compliance, and user experience.
We are pleased to announce the rollout of enhanced login security for OmegaAI and Blume. This update replaces the earlier PIN-based system for new users and introduces a more robust, HITRUST-compliant password authentication process. With this enhancement, login workflows are modernized, account protection is strengthened, and both platforms are aligned with industry-standard security practices.
What's New
1. Secure Password-Based Sign-Up for New Users
What changed:
New users are now required to create an alphanumeric password during sign-up. The PIN field has been fully replaced with a password field that meets HITRUST complexity standards.
Benefit:
Ensures stronger authentication at the point of account creation and reduces vulnerability associated with simple PIN-based access.
2. Password Requirements (HITRUST-Aligned)
What changed:
Passwords must meet the following criteria:
-
Minimum 8 characters
-
Include both uppercase and lowercase letters
-
Include at least one number or special character
A real-time password strength indicator is also provided during creation.
Benefit:
Guides users in creating secure credentials while enforcing compliance with HITRUST security standards.
3. Updated Sign-In Experience
What changed:
-
New users sign in using their email and password.
-
Existing users can continue using their current 6-digit PIN.
-
Users who upgrade to a password will use it for all future logins.
Benefit:
Provides a seamless transition path while gradually moving all users toward a more secure authentication model.
4. Improved Forgot / Reset Password Flow
What changed:
The previous PIN reset process has been replaced with a secure password reset flow that includes email verification and password validation.
Benefit:
Enhances account recovery security and reduces the risk of unauthorized access.
5. Optional Upgrade Path for Existing Users
What changed:
Existing users can upgrade from PIN to password using the following flows:
-
Blume: Enter registered email ID → Tap Forgot Password
-
OmegaAI: Enter registered email ID → Select Forgot Password
This initiates a secure password setup process.
Benefit:
Enables gradual adoption without disrupting existing users while encouraging migration to a more secure authentication method.
Important Notes
-
The PIN-based login system is no longer available for new users.
-
Existing users can continue using their PIN until they upgrade to password-based authentication.
-
Once a password is set, it becomes the default login method for all future sessions.
-
All passwords must comply with HITRUST complexity requirements.
-
Password reset now requires email verification.
Where to Find It
You can access the updated authentication workflows during sign-up and login processes.
Navigation path in the application:
-
Login / Sign-Up Screen → Password Setup / Sign-In
-
Login Screen → Forgot Password