Password policy parameters
Parameter | Description | Values |
---|---|---|
Duration | Specifies the how long user passwords are valid. Note: Not applicable to LDAP users. Note: If set to 365 days, after a
software upgrade, manually change this value to 3650. |
Default: 3650 days |
Parameter | Description | Values |
---|---|---|
Minimum Length | Specifies the minimum number of characters for the user
password. Note: Not applicable to LDAP
users. |
Default: 8 |
Minimum Number of Uppercase Characters | Specifies the minimum number of uppercase characters for the user
password. Note: Not applicable to LDAP
users. |
Default: 2 |
Minimum Number of Lowercase Characters | Specifies the minimum number of lowercase characters for the user
password. Note: Not applicable to LDAP
users. |
Default: 2 |
Minimum Number of Numerical Characters | Specifies the minimum number of numerical characters for the user
password. Note: Not applicable to LDAP
users. |
Default: 2 |
Minimum Number of Symbols | Specifies the minimum number of symbols for the user password. Note: Not applicable to LDAP users. |
Default: 2 |
Parameter | Description | Values |
---|---|---|
Maximum Number of Login Failures | Specifies the maximum number failed log in attempts before a user is locked out. | Default: 5 |
Maximum Number of User Sessions | Specifies the maximum number of active log in session for a local user. | Default: 3 |
Number of Old Passwords to Reject |
Specifies the number of unique new passwords assigned to a user before an old password can be reused. |
Default: 3 |
Permanent Lockout | If enabled, specifies that a user is automatically locked out after
exceeding the maximum number of log in failures. The account remains
locked until an administrator unlocks it. If this parameter is enabled, the Wait Increment, Maximum Wait Time, and Failure Reset Time parameters do not apply. |
Default: disabled |
Wait Increment | Specifies how long a user must wait after a failed attempt before
logging in again. Note: This parameter is not
applicable if the Permanent Lockout parameter
is enabled. |
Default: 60 seconds |
Maximum Wait Time | Specifies how long an account remains locked out before it is
automatically unlocked. Note: This parameter is not
applicable if the Permanent Lockout parameter
is enabled. |
Default: 3600 seconds |
Failure Reset Time | Specifies how long after a failed log in attempt before the counter
for the Maximum Number of Login Failures is reset
to 0. This counter is also reset after a successful log in. Note: This parameter is not applicable if the
Permanent Lockout parameter is
enabled. |
Default: 30 seconds |
Quick Login Check | Specifies how long the system checks if there are any concurrent login attempts made with an incorrect password for a user. | Default: 1000 milliseconds |
Quick Login Wait | Specifies how long a user is locked out after being locked out from a quick login check. | Default: 60 seconds |