Configuring Password

Password policy allows you to configure the attributes of the Enterprise Archive user's password. Defining a password policy enhances security and helps avoiding the misuse of a user's account.

Enterprise Archive allows you to configure the following types of password policy fields:

  • Password Configuration

  • Account Lock Configuration

Note

You must have Administrator privileges to configure password policy.

To configure password policy:

  1. Click the Administration tab.

  2. Click Password Policy under Configurations from the Administration workspace.
    Figure 8: Password Policy

    images/download/attachments/60329523/password_policy_admin.png

  3. Set the appropriate values for the fields described in the following table:
    Table 6: Password Policy Configuration Options

    Options

    Description

    Default Value

    Password Configuration

    Minimum length

    The minimum length required for the password.

    8

    Enable password complexity

    Enforces the rule that the password must contain a minimum of one uppercase character, one lowercase character, and one numeric value.

    Yes (Enabled)

    Enable strong password

    Enforces the rule that the password must contain a minimum of one special character and that the password must not be similar to the login ID.

    Yes (Enabled)

    Minimum life of password

    Specifies the minimum validity of the password in days.

    0 (When the default value is specified as zero, this means that this policy is disabled)

    Maximum life of password

    Specifies that the password expires after the specified number of days.

    0 (When the default value is specified as zero, this means that this policy is disabled)

    Limit reuse of passwords

    Signifies that the password cannot be the same for the specified number of times. This value is also used to maintain the number of passwords in history.

    0 (When the default value is specified as zero, this means that this policy is disabled)

    Account Lockout Configuration

    Inactive time period for lockout

    If the user does not log on to the account for the specified number of days, the account gets locked. When this value is set to 0, then this policy is disabled.

    90 days

    Number of failed attempts for lockout

    If the user fails to log on for the specified number of times due to wrong password, the account gets locked. When this value is set to 0, then this policy is disabled.

    Five attempts

  4. Click Save.