Password Policies
You can customize the policies that users must follow when creating and changing passwords using the following settings.
Setting | Description |
---|---|
Enforce strong password | If selected, a "strong" password is required. The requirements are enforced the next time a user is required to change their password. A strong password includes: In Prism 2.3 and later you can customize the "Enforce Strong Password" feature: |
Enforce password history for X days | Ensures that old passwords are not reused continually. After a password expires, users cannot reuse it for X days. |
Password expires after X days | Enter the number of days passwords can be used before they expire. If you enter 90, then users must change passwords every 90 days. |
Prompt changing password X days before expiration | Users must change their password after X days. Users are prompted to change their password upon login after expiration. |
Lock user account after X failed logon attempts | Limits the permitted number of failed password attempts. This prevents malicious users from trying one password after another in a brute-force attack. A common setting is "3," which means that the account will be locked after the third failed password attempt. |
User account lockout duration | Determines the length of the lockout. If set to 30, then when a user's account is locked because of failed password attempts, the account remains locked for 30 minutes. No one can log in to the account during that time, even with the correct password. |
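
The following added example (not Prism's own code) models how the two lockout settings above interact, replaying a constructed login sequence against a threshold of 3 and a 30-minute duration. The names `LockoutPolicy`, `AccountState`, `attempt_login` and `replay` are hypothetical, and resetting the failure counter on success or after the lockout elapses is an assumption the page does not state.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

@dataclass
class LockoutPolicy:
    max_failed_attempts: int = 3   # "Lock user account after X failed logon attempts"
    lockout_minutes: int = 30      # "User account lockout duration"

@dataclass
class AccountState:
    failed_attempts: int = 0
    locked_until: Optional[datetime] = None

def attempt_login(state, policy, now, password_ok):
    """Apply one login attempt; return 'locked', 'denied' or 'granted'."""
    if state.locked_until is not None:
        if now < state.locked_until:
            return "locked"        # refused even when the password is correct
        # Lockout has elapsed. Assumption: the failure counter starts over.
        state.locked_until = None
        state.failed_attempts = 0
    if password_ok:
        state.failed_attempts = 0  # Assumption: a successful login clears the counter.
        return "granted"
    state.failed_attempts += 1
    if state.failed_attempts >= policy.max_failed_attempts:
        state.locked_until = now + timedelta(minutes=policy.lockout_minutes)
    return "denied"

def replay(events, policy):
    """Run (timestamp, password_ok) events for one account, in order."""
    state = AccountState()
    return [attempt_login(state, policy, ts, ok) for ts, ok in events]

# Constructed sample events, not taken from any real log.
T0 = datetime(2024, 1, 1, 9, 0, 0)
SAMPLE_EVENTS = [
    (T0, False),
    (T0 + timedelta(seconds=10), False),
    (T0 + timedelta(seconds=20), False),  # third failure: account locks
    (T0 + timedelta(minutes=5), True),    # correct password during lockout
    (T0 + timedelta(minutes=31), True),   # lockout window has elapsed
]

if __name__ == "__main__":
    results = replay(SAMPLE_EVENTS, LockoutPolicy())
    for (ts, ok), result in zip(SAMPLE_EVENTS, results):
        print(ts.time(), "correct" if ok else "wrong", "->", result)
```
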
Sample Password Policy settings: