Administrators can configure security
settings on the Security page in the Application menu.
If
you are an administrator, you can configure the following settings:
- Allow Autocomplete
- Select this option to enable the feature to autocomplete the login
and password credentials on the login page in a browser.
- Allow Autologin
- Select this option to enable users to automatically log in by
using cookies.
- Display Lost Your Password
- Select this option to display the Lost Your Password link
on the login page.
- Login Delay
- Select this option to enable the delay option between every login
attempt. For each failed login attempt, the delays become longer:
- After the first attempt, the delay is 5 seconds.
- After the second attempt, the delay is 15 seconds.
- After the third attempt, the delay is 60 seconds.
- After the fourth attempt, the delay is 5 minutes.
- After five or more attempts, the delay is 1 hour.
- Account Lockout
- Select this option to lock a user’s account when the user attempts
to log in and fails too many times.
- Force Password Change
- Select this option to force users to change their passwords the
first time that they log in.
- Password Minimum Length
- Specify the minimum length of passwords (3, 6, or 8 characters).
- Login Name Minimum Length
- Specify the minimum length of login names (2, 3, or 6 characters).
- Password Maximum Age
- Select this option to set passwords to expire after a set number
of days (1, 2, 3, 4, 5, or 6 months). A user must enter a new password
when the password expires.
- Password Quality
- Select this option to force users to set unique passwords.
- Basic: Select this option to make sure that the password is not
connected to user information. For example, the password cannot be
part of the user name, login name, or the user email address. The
password cannot be a word in the dictionary. If the password does
not meet the requirements, a warning message is displayed.
- Advanced: Select this option make sure that the password meets
both the basic password requirements and the following requirements.
If the password does not meet these requirements, a warning message
is displayed.
- When the password is spelled backward, it cannot be a word in
the dictionary.
- The password cannot be like an old password.
- If the password is eight characters or less, it must contain at
least one special character.
- If the password is more than eight characters, it must contain
at least two special characters.
- Intermediate: Select this option to make sure that the password
is not checked for the lower case characters. All other conditions
for advanced mode are checked.
- Password Reuse
- If you want the system to keep the passwords for all users in
its memory, select this option (5, 10, or all). Users cannot use a
password that is in the memory of the system.
- Networks with Access to the Ping Servlet
- Specify the client network address that can access the ping servlet
option. Enter the allowed network
address ranges by adding a comma-separated list of network address
ranges by using CIDR notation.
Restrictions: - Both IPv4 and IPv6 network addresses are supported.
- By default, only localhost (127.0.0.1/32 or ::1/128) is allowed.
- If the configuration involves a load balancer or another proxy,
the address of that proxy must be in one of the configured network
address ranges.
- Override Incoming Links Access
- When you select this option, incoming links are displayed to the
user, but the user cannot access them.
- Session Timeout
- Specify the amount of time that a user can be idle before the
session ends. You can specify 1, 2, 4, 8, 12, or 24 hours.