Editing Password Policy
The Password Policy allows you to define password rules.
Note: If there is a change in password policy since the last login and password does not follow the new password policy, a message will be displayed prompting the user to change their password.
Follow the steps below to edit Password Policy.
- Log in to the Repository.
- The repository details of the selected repository will be displayed as shown below.
- Access the Edit Password Policy option using one of the options below:
- Right Click on the repository name and select the Edit Password Policy menu item (A) from the menu.
- Select Edit Password Policy menu item from Action Menu. (B)
- Click on the Edit Password Policy option provided at the bottom of the Right Navigation Panel.
- The Edit Password Policy screen will be displayed as shown below:
- Specify the following details to edit password policy
|Minimum length required for a password||Enter the minimum password length.|
This option defines the minimum number of characters that must be entered to create a valid password.
|Minimum number of special characters that must be present in a valid password||Enter the maximum number of special characters (non-alphanumeric) required in a valid password.|
|Never use<Number> old passwords||Enter whether you want to allow the users to be able to use old passwords.|
This option defines the number of old passwords stored in the repository and used to compare with a new password. You can restrict the user from using his old passwords. You can specify the maximum number of passwords that user cannot repeat
|Validation Rule||Enter the validation rule.|
This option defines the regular expression used to validate the password.For example Length:[8,infinity], lower: 1, upper: 1, numeric: 1, special: 1,
|Validation Message||Enter the validation message for example “Invalid Password”|
This option defines a message displayed to the user if their passwords do not match the password policy.
|Password expires after<days> days||Enter the number of days for which the current password will be valid.|
This option defines the number of days a password is valid. After these days the password will expire and user must change it.
|This section explains the actions to be taken when password expires or does not comply with the password policy.|
|Action||Select the action.|
This option defines the following 3 actions performed when the password is expired or does not comply with the password policy.
1- Display a warning
2- Force the user to change password after N grace logins
3- Force the user to change password
|Grace Logins allowed||Enter the number of allowed grace logins. This option will be enabled only if “Force the user to change password after N grace logins” option has been selected in action option.|
This option defines number of logins allowed with an invalid password (Password has expired or does not match the password policy).
|Lock out user account after invalid password attempts||This option defines if the user account is locked out after consecutive invalid password attempts|
|Number of consecutive invalid password attempts||This option defines the number of invalid password attempts allowed before the user account is locked out.|
|Password attempts window||Enter the time in minutes till when the password window will be displayed.|
|Auto Unlock blocked account after delay of <minutes> minutes between authentications||Enter the minutes after which the blocked user accounts are to be automatically activated.This option is enabled only if “Lock out user account after invalid password attempts” option is selected.|
- Click “OK” if you want to save the details entered in Edit Password Policy.
- Click “Cancel” if you don’t want to save the details entered in Edit Password Policy.