Clients constantly receive queries from Auditors asking for password specifications for user login.
On the Navigation pane:
Expand Security
Double-click on Profiles
There will be an Active Directory and a Local profile. Double-click on the required profile. The Profile Detail screen will be displayed.
The Profile Detail screen:
Authentication Store: This field describes the authentication store to be used.
- Active Directory: with this profile, you will have to provide your Windows username and password.
- Local: with this profile, you will have to provide a username and password that must exist in the People database.
Session Token Expiry Hours: Specifies the number of hours before a user is required to re-enter his/her password.
Active Directory Authentication Store fields
Auto Logon: This checkbox indicates if Automatic Logon will be permitted for any user using the Active Directory profile authentication profile.
Validate Account Locally: Validate account locally refers to the authentication process when Active Directory integration is used.
Local Authentication Store fields:
Failed Logon Count: Specifies the maximum number of times a user will be allowed to enter an incorrect username and/or password before the user account is locked.
Password Strength: The complexity of the password requirement is set up here. The following options are available:
- None: No password complexity is required.
- Weak: The password must consist of a minimum of five characters.
- Medium: The password must consist of a minimum of eight characters, containing at least two of the following:
- Uppercase characters,
- Numeric characters, and
- Keyboard special characters (for example, ! # $ % ^ & * _ + = -).
- Strong: The password must contain a minimum of eight characters, containing at least one of each of the following:
- Lowercase characters,
- Uppercase characters,
- Numeric characters, and
- Keyboard special characters (for example, ! # $ % ^ & * _ + = -).
Password Expiry Days: Specify the number of days that a password is valid before the user is forced to enter a new password.
Password Reuse Cycle: This is only visible when the Password Expiry Days field is greater than zero. Specify the number of cycles that a user is not allowed to use the same password.