6.9 Security
Password Control
This password policy is applied to local users only when the Indeni system is handling user management and not any central authenticated system implemented on the customer side (e.g. Active Directory).
Strong Password
You can define a minimum password length of 1 character up to a maximum of 12 characters. You can define password complexity to contain at least a number and a special character (!@#$%^&&*()).
Maximum Password Age Policy
You can define how long users can keep a password before they are required to change it. Password expiry ranges from 0 to 180 days. This policy forces the user to change their passwords on a regular basis. The system will create email notification prior to password expiry to remind users when it is time to change their passwords before they actually expire.
Password History Policy
You can set number of unique passwords before reuse (0/3/5/10). For example, new password must not match previous five passwords used. This policy prevents users from reusing previous passwords, thus preventing them from alternating between several common passwords.
Lockout Policy
You can enforce account lockout after a certain number of incorrect password attempts (3/5/10) for greater security. You can choose the lockout duration (10/30/60 minutes or until an administrator unlock the account).