User configuration: Security guidelines
General security settings are defined here.
Login guidelines
Maximum number of failed login attempts
Maximum number of failed login attempts defines how often a user may attempt to log in again after
a login has failed, such as because the password was entered incorrectly.
Password guidelines
Maximum password age
Maximum password age defines how long a password is valid.
Minimum password length
Minimum password length defines the minimum number of characters that must be entered so that the password is valid. When passwords are created that fall below this number, an error message will be shown.
Allowed characters
In
Allowed characters, you define which characters may be used for passwords.
Illegal characters
In
Illegal characters, you exclude those characters that may not be used in passwords.
Reject, if matches regular expression
Reject, if matches regular expression allows you to enter a regular expression that will be used to check characters which are not allowed in the password.
If the expression ^([A-Za-z0-9ÄÖÜäöü]{6,40})$ is entered to the field to the right of the setting, for example, passwords would
not be allowed that contained six to 40 characters, contain upper- and lowercase letters, or umlauts in upper- or lowercase.
Test for character repeats
Test for character repeats enables you to restrict the frequency with which a preset part
of the password can be repeated within the password.
Reject passwords found in dictionary
The
Reject passwords found in dictionary setting causes passwords that consist only of known words, e.g.
"flower" or "birthday", to be declined.
Reject passwords found in history
The
Reject passwords found in history setting causes passwords that were already used to be declined.
Additionally you can define if only the
All or only the
Last passwords will be rejected.
Reject letter sequences
Reject letter sequences causes passwords to be declined if they contain sequences of letters in order (such as "ABC").
Reject numeric sequences
Reject numeric sequences causes passwords to be declined if they contain sequences of numbers in order (such as "123").
Reject passwords containing user names
Reject passwords containing user names declines passwords that contain the user name.
Reject passwords with whitespace
Reject passwords with whitespace prevents passwords from being used that contain space characters.
Account guidelines
Password expires
Here, you can specify that a password has an expiration date as defined in the
Password management.
User must change password at next login
The setting that
User must change password at next login means the user will be requested to enter a new password when they log in with an expired password.
User cannot change password
Here, you can specify that users are allowed to change their password. The link in the login dialog that is used to change the password will be hidden with this setting.