Online Software Help Manual

BookmarkIndexPrint
Contents
Display Legacy Contents

Password Policy

The password policy dialog is an optional dialog to configure detailed password settings concerning the password strength and expiration date. Overall security may be increased by enforcing the user to use a minimal password length and by preventing the reuse of old passwords. The password policy dialog looks like this:

The following options are available to improve password settings:

  • Minimum Password Length:
    By activating this option the user will be forced to use a password with the minimum amount of characters shown. The default value is "5"

  • Password History:
    Logs the last used passwords of a user and prevents the reuse of an old password. The number of logged passwords can be entered.

  • Password Expiration:
    Defines the time interval in days for renewing the password. Users need to change their password to a new one if the entered time has passed.

In addition to defining password security details, the application offers protection mechanisms against password hacking. Details about suspending the application and the user account can be configured in the Protection Mechanisms field:

  • Suspend Application:
    The application will automatically suspend itself after a given amount of unsuccessful tries to enter the password. The number of unsuccessful tries can be defined here. If the user exceeds the entered amount of tries he will see a warning message:




    The application will then be blocked for 5 minutes and display the following message with a timer countdown which cannot be closed or canceled:



     

  • Disable User Account
    As a more profound measure to prevent password hacking the user account may be disabled after given amount of wrong passwords. The number of unsuccessful tries before disabling the user account can be defined here. If the user exceeds the entered amount of tries the application will simply close and the user account will be disabled. The user needs to contact the applications administrator to re-enable his account again.