This window configures lock out options and the definition of strong passwords. These requirements apply to all users. You
can quickly set password and Lock Out options for one or more users using this view.
Figure 126. Configure window (global password properties)
You access this window from the main menu by clicking , followed by clicking the Configure button (
).
Lockout properties
| Property |
Value |
Description |
| Lockout Enabled |
true (default) or false |
true temporarily prevents a a user from logging in to a user account after a number of consecutive authentication failures. The
user is locked out for the duration of the lock out period (next property). This feature makes it difficult to automate the
guessing of passwords. Changing this property opens a second Configure window that allows you to individually set Require Strong Passwords and Lock Out Enabled. The Clear Lock Out button on the Edit User view terminates the locked-out state.
|
| Lockout Period |
hours, minutes, seconds (defaults to 10 seconds) |
If lock out is enabled, this defines the period of time a user account is locked out before being reset. While locked out,
any login attempt (even a valid one) is unsuccessful.
|
| Max Bad Logins Before Lockout |
number from 1 to 10 (defaults to 5) |
In conjunction with Lock Out Window, specifies the number of consecutive failed login attempts that trigger a user lockout. The system enforces lockout changes
on the next login attempt. For example, suppose that Max Bad Logins... is set to 5, and a user has failed to log in four times within the Lock Out Window. At that moment, suppose an admin-level user changes Max Bad Logins... to 3. The change does not lock out the user who still has one more chance to log in. If the fifth login attempt fails, the user
is locked out, since five failed attempts is greater than or equal to the Max Bad Logins... setting of 3.
|
| Lock Out Window |
hours, minutes, seconds, up to one day (defaults to 30 seconds) |
If lock out is enabled, and the number of Max Bad Logins Before Lock Out occurs within this window of time, the user is locked out for the Lock Out Period duration.
|
Password Strength properties
| Property |
Value |
Description |
| Minimum Length |
number from zero to infinity (defaults to 10) |
Defines the fewest number of letters a user can configure. |
| Minimum Lower Case |
number from zero to infinity (defaults to 1) |
Defines the fewest number of lower-case letters required. |
| Minimum Upper Case |
number from zero to infinity (defaults to 1) |
Defines the fewest number of upper-case letters required. |
| Minimum Digits |
number from zero to infinity (defaults to 1) |
Defines the fewest number of numeric digits required. |
| Minimum Special |
number |
Defines the fewest number of special characters required. |
Password Configuration properties
| Property |
Value |
Description |
| Expiration Interval |
days, hours, minutes, seconds |
Defines a date in the future when the password expires. |
| Warning Period |
days, hours, minutes, seconds |
Defines when the warning period begins before the password expires. |
| Password History Length |
number from zero (0) to 10 (defaults to 0) |
Defines how many previous passwords cannot be used. The system stores the history of each user’s passwords and does not allow
reuse of the same password up to 10 passwords ago. For example, if this value is two (2), a user could create the same password
they had three-times ago, but they could not reuse their password from two times ago.
|
