Edit Password Policy
The Password Policy allows you to define password rules.
Note: If there is a change in password policy since the last login and password does not follow the new password policy, a message will be displayed prompting the user to change their password.
Follow the steps below to edit Password Policy.
- Log in to the Repository.
- The repository details of the selected repository will be displayed as shown below.
- Access the Edit Password Policy option using one of the options below:
- Right Click on the repository name and select the Edit Password Policy menu item (A) from the menu.
OR
-
- Select Edit Password Policy menu item from Action Menu. (B)
OR
-
- Click on the Edit Password Policy option provided at the bottom of the Right Navigation Panel.
- The Edit Password Policy screen will be displayed as shown below:
- Specify the following details to edit password policy
Field | Description |
Minimum length required for a password | Enter the minimum password length. This option defines the minimum number of characters that must be entered to create a valid password. |
Minimum number of special characters that must be present in a valid password | Enter the maximum number of special characters (non-alphanumeric) required in a valid password. |
Never use<Number> old passwords | Enter whether you want to allow the users to be able to use old passwords. This option defines the number of old passwords stored in the repository and used to compare with a new password. You can restrict the user from using his old passwords. You can specify the maximum number of passwords that user cannot repeat |
Validation Rule | Enter the validation rule. This option defines the regular expression used to validate the password. For example Length:{8,15} ^\w{0,10}$ allows words of up to 10 characters. ^\w{6,}$ allows words of more than 5 characters. ^\w{5,10}$ allows words of length between 5 and 10 characters. |
Validation Message | Enter the validation message for example “Invalid Password” This option defines a message displayed to the user if their passwords do not match the password policy. |
Password expires after<days> days | Enter the number of days for which the current password will be valid. This option defines the number of days a password is valid. After these days the password will expire and user must change it. |
This section explains the actions to be taken when password expires or does not comply with the password policy. | |
Action | Select the action. This option defines the following 3 actions performed when the password is expired or does not comply with the password policy. Display a warning Force the user to change password after N grace logins Force the user to change password |
Grace Logins allowed | Enter the number of allowed grace logins. This option will be enabled only if “Force the user to change password after N grace logins” option has been selected in action option. This option defines number of logins allowed with an invalid password (Password has expired or does not match the password policy). |
Lock out user account after invalid password attempts | This option defines if the user account is locked out after consecutive invalid password attempts |
Number of consecutive invalid password attempts | This option defines the number of invalid password attempts allowed before the user account is locked out. |
Password attempts window | Enter the time in minutes till when the password window will be displayed. |
Auto Unlock blocked account after delay of <minutes> minutes between authentications | Enter the minutes after which the blocked user accounts are to be automatically activated. This option is enabled only if “Lock out user account after invalid password attempts” option is selected. |
- Click “OK” if you want to save the details entered in Edit Password Policy.
- Click “Cancel” if you don’t want to save the details entered in Edit Password Policy.