Skip to main content

Infinite BrassRing Platform

How to Configure Password Policies Settings

Abstract

The Password Policy defines the client's password strength and security behavior during authentication. There are a defined group of settings for each client that can be customized to fit security requirements.

Specific Password Policy settings are configured across the Infinite BrassRing Platform as follows.

Navigation
Abstract

This section describes the configuration of password policies in the Infinite BrassRing Platform.

From the Admin page,

  1. Select SecurityPassword Policies in the navigation menu to launch the Password Policies page shown in the following figure.

    The following Password Policy configuration options are available:

    • General Settings

    • Lock Out Settings

    • Connection Settings

      Figure 81. Admin - Password Policies page
      Admin - Password Policies page


  2. Select the Edit hyperlink to expand the specific function you wish to configure.

    image13.jpg
General Settings Configuration
Abstract

This section describes how to configure the General Settings for Password Policies.

  1. Select the Edit icon to expand the Edit General Settings configuration section.

    Figure 82. Edit General Settings configuration
    Edit General Settings configuration


  2. Enter in the appropriate configurations for the following fields:

    Table 26. Edit General Settings fields

    Field Name

    Description

    Complexity

    When ON the password must:

    • Contain at least 8 - 20 characters using at least one special character: ` ! @ $ % ^ & * ( ) - _ = + [ ]; : ' " , < . > / ?" (whereas the minimum password length is 8 [configurable])

    • Contain both UPPER CASE (A-Z) and lower case (a-z) alphanumeric characters.

    • Contain at least one numeric character 0-9

    • Must NOT contain the user's username.

    Expires Every

    The number of days a password must be active before changing.

    0 = The password can be changed at any time.

    Length

    The length of characters a password must be.

    Note

    The minimum character length is 8.

    Remember Last

    How many passwords the system will remember.

    Note

    A user cannot use a previously remembered password.

    0 = No passwords are remembered.



  3. Select Save Changes upon completion to save configuration settings.

Lock Out Settings Configuration
Abstract

This section describes how to configure the Lock Out Settings for Password Policies.

  1. Select the Edit icon to expand the Lock Out Settings configuration section.

    Figure 83. Lock Out Settings configuration
    Lock Out Settings configuration


  2. Enter in the appropriate configurations for the following fields:

    Table 27. Edit Lock Out Settings fields

    Field Name

    Description

    Lock Account After

    How many times a login can fail before the account is locked out.

    0 = The account is never locked out.

    Never lock the user

    image453.jpg

    Gives the option to never lock the user.

    Select the Never lock the user option if you want your users to never experience a locked account.

    When selected, the Lock Account After and Account Locked For fields are grayed out (disabled) so that it's obvious these fields are no longer applicable.

    If unselected, the Lock Account After and Account Locked For fields become active again.

    Note

    When Never lock the user is selected, the Lock Account After field does not permit the value of 0. If 0 is entered, the message The Lock Account After field requires a value greater than 0 for the number of attempts. displays.

    Important

    Be advised that this option will give anyone unlimited attempts to authenticate, which will compromise security and is not recommended.

    Account Locked for

    The length of time an account stays locked before unlocking itself.

    0 = The account instantly unlocks.



  3. Select Save Changes upon completion to save configuration settings.