6.9 Security

Password Control

This password policy is applied to local users only when the Indeni system is handling user management and not any central authenticated system implemented on the customer side (e.g. Active Directory).

Strong Password

You can define a minimum password length of 1 character up to a maximum of 12 characters. You can define password complexity to contain at least a number and a special character (!@#$%^&&*()).

Maximum Password Age Policy

You can define how long users can keep a password before they are required to change it. Password expiry ranges from 0 to 180 days. This policy forces the user to change their passwords on a regular basis.  The system will create email notification prior to password expiry to remind users when it is time to change their passwords before they actually expire.

Password History Policy

You can set number of unique passwords before reuse (0/3/5/10). For example, new password must not match previous five passwords used. This policy prevents users from reusing previous passwords, thus preventing them from alternating between several common passwords.

Lockout Policy

You can enforce account lockout after a certain number of incorrect password attempts (3/5/10) for greater security. You can choose the lockout duration (10/30/60 minutes or until an administrator unlock the account).