Passwords |
The Passwords tab enables you to set rules for format, length, acceptable characters, and how often passwords must be changed. It also tracks each user's password, when it was changed, and what the new password is. User passwords are stored in the database as encrypted values.
Tip: The rules are applied only when a new password is being assigned or an existing password is being changed. If a user's existing password does not meet the established criteria, then he or she must change it. To force a user to change his or her password at next login, place a check in the User must change password at next login field on the Security Options tab of the System Mgmt -> Setup -> Access Rights -> Users screen for that user.
Note: If previous to 15.0 release you had the option Allow mixed case passwords on this screen disabled (which allowed insensitive case matching against the user's password), when you first login, the application converts the older password to all lower-case characters, and all the logins for that user's current passwords will do a case sensitive match against he newly converted password which uses all lower-case characters. When you change a user's password, new passwords will always support mixed cased characters and the application will always enforce case-sensitivity matches on login when using those passwords.
Note: As of version 15.0, all passwords are case sensitive moving forward. New passwords support mixed-case entries.
Security options and rules
Data in the fields in the bottom section of this tab specify password requirements, such as minimum number of characters, allowable special characters, and how often passwords must be changed. All fields are optional. The following are the minimal password complexity requirements which are automatically set for new installs:
Password may not be the same as User ID
Minimum of 8 characters
Combination of letters and numbers required
One special character required
User passwords must be changed every 60 days
Minimum number of days between password changes is one
Number of password changes required before reuse 6
If upgrading, an optional script can be run to enforce these minimal password complexity requirements.
Detail View
Password may not be the same as the user ID
If this box has a check, then user passwords may not be the same as the names used to identify users in the system.
Require combination of letters and numbers
If this box has a check, then passwords must contain both numbers and letters.
Require at least one special character
If this box has a check, then passwords must contain at least one special character. The special character may be at any position within the password. Special characters include: {}|[]\:”;<>?./~!@#$%^&*()_-+=
Note: You do not need to set this option if you want to continue enforcing the Password must start with option, Password must end with option, or both.
Minimum number of characters
Specified minimum length for passwords. If the minimum number of characters specified is zero, then users may leave the Password field blank (i.e., no password required).
Tip: The maximum password length is 64 characters.
Allowable special characters
List of special characters (such as ! or *) that may be included in passwords. To allow spaces within passwords, you must type a space between two other special characters in the list (e.g., ![space]*).
Note: The special characters include {}|[]\:”;<>?./~!@#$%^&*()_-+=
User passwords must be changed every ___ days
Number of days after which a password must be changed. If this field is left blank, passwords never expire. Configuring this field to a non-0 value will cause the user to be warned of their expiring password in Web Modules.
Minimum number of days between password changes
Minimum number of days that must elapse before the password may be changed. If the User passwords must be changed every ___ days field has a value, the value in this field must be equal to or less than that one.
Number of password changes required before reuse
Minimum number of distinct passwords that must have been used since the last time this password was used before it may be used again.
Password must start with
Indicates that passwords must start with a specific type of character: a letter, number, or special character. This field has a list of options.
Note: You may use this option with the Require at least one special character option.
Password must end with
Indicates that passwords must end with a specific type of character: a letter, number, or special character. This field has a list of options.
Note: You may use this option with the Require at least one special character option.
_______________
See Also