How to Configure Password Policies Settings
- 21 Feb 2024
- 2 Minutes to read
- Print
- DarkLight
How to Configure Password Policies Settings
- Updated on 21 Feb 2024
- 2 Minutes to read
- Print
- DarkLight
Article summary
Did you find this summary helpful?
Thank you for your feedback
Abstract
The Password Policy defines the client's password strength and security behavior during authentication. There are a defined group of settings for each client that can be customized to fit security requirements.
Specific Password Policy settings are configured across the Infinite BrassRing Platform as follows.
Navigation
Abstract
This section describes the configuration of password policies in the Infinite BrassRing Platform.
From the Admin page,
Select Security → Password Policies in the navigation menu to launch the Password Policies page shown in the following figure.
The following Password Policy configuration options are available:
General Settings
Lock Out Settings
Connection Settings
Figure 81. Admin - Password Policies page
Select the Edit hyperlink to expand the specific function you wish to configure.
General Settings Configuration
Abstract
This section describes how to configure the General Settings for Password Policies.
Select the Edit icon to expand the Edit General Settings configuration section.
Figure 82. Edit General Settings configuration
Enter in the appropriate configurations for the following fields:
Table 26. Edit General Settings fields
Field Name
Description
Complexity
When ON the password must:
Contain at least 8 - 20 characters using at least one special character: ` ! @ $ % ^ & * ( ) - _ = + [ ]; : ' " , < . > / ?" (whereas the minimum password length is 8 [configurable])
Contain both UPPER CASE (A-Z) and lower case (a-z) alphanumeric characters.
Contain at least one numeric character 0-9
Must NOT contain the user's username.
Expires Every
The number of days a password must be active before changing.
0 = The password can be changed at any time.
Length
The length of characters a password must be.
Note
The minimum character length is 8.
Remember Last
How many passwords the system will remember.
Note
A user cannot use a previously remembered password.
0 = No passwords are remembered.
Select Save Changes upon completion to save configuration settings.
Lock Out Settings Configuration
Abstract
This section describes how to configure the Lock Out Settings for Password Policies.
Select the Edit icon to expand the Lock Out Settings configuration section.
Figure 83. Lock Out Settings configuration
Enter in the appropriate configurations for the following fields:
Table 27. Edit Lock Out Settings fields
Field Name
Description
Lock Account After
How many times a login can fail before the account is locked out.
0 = The account is never locked out.
Never lock the user
Gives the option to never lock the user.
Select the Never lock the user option if you want your users to never experience a locked account.
When selected, the Lock Account After and Account Locked For fields are grayed out (disabled) so that it's obvious these fields are no longer applicable.
If unselected, the Lock Account After and Account Locked For fields become active again.
Note
When Never lock the user is selected, the Lock Account After field does not permit the value of 0. If 0 is entered, the message The Lock Account After field requires a value greater than 0 for the number of attempts. displays.
Important
Be advised that this option will give anyone unlimited attempts to authenticate, which will compromise security and is not recommended.
Account Locked for
The length of time an account stays locked before unlocking itself.
0 = The account instantly unlocks.
Select Save Changes upon completion to save configuration settings.
