Editing Password Security Settings

In the Password Security View, which you can open from the Administration Perspective launch panel, you can change password specific settings like:

Password Security View
Figure: Password Security View

The section Password Encryption describes how password encryption can be enabled or disabled.

Password Strength

In case Enable Strong Passwords is enabled, the following select boxes are available:

Password Strength
Figure: Setting Password Strength

The value range for each field is from 0 - 6. Click on the drop-down list to choose one of these values:

Password Strength
Figure: Select a Value.

Password Reuse

In case Require Unique Password is enabled, the following selection fields are enabled:

Password Reuse
Figure: Password Reuse

Values are provided from 0 - 6. Click on the drop down selection list to choose one of these values:

Password Reuse Select
Figure: Select a Value.

Password Expiration Policy

In case Force Periodic Password Change is enabled, the following entry fields are provided:

Password Expiration Policy
Figure: Password Expiration Policy Settings

Maximum Password Age

In the Maximum Password Age entry field, a value can be entered to determine the maximum time a password is valid. Default value is 90 days and allowed value range is 1-999

Administrator Passwords

Users having the administration role do not get expired.

Send notification e-mail

The Send notification e-mail x days prior to password expiration entry field value determines the number of days, a user should be informed before the password expires. In case the value is set to 0 no notifications is sent. The default value is 3 days. The allowed value range is 0-999

Providing the Portal Login URL

You can provide the URL for the portal login page via the property Security.Password.LoginDialogUrl in your carnot.properties file. In case this property is set, the provided URL will be added to your notification mail.

Changing the Notification Period

The period to send these notification mails is set to once per day per default. In case you like to change this period, set the property system.daemon.PasswordNotifier.Periodicity in your server-side carnot.properties file to the number of days you like to start the notification after the last pass.

Number of Days for Disabling Account after Password Expiration

After the user password has expired, the account is put into a limited mode for a period of days where the user is still able to access the system only for changing the expired password. After this period is expired, the account will be deactivated and administrative action is required to re-activate it again. You have the option to set the number of these days to disable accounts after the password has expired.

In the Disable account x days after password expiration entry field, you can enter the number of days the account will be disabled after the official password expiration. Set value -1 to disable this feature. This is the default value. The allowed value range is 0-999

Saving Password Settings

Click Save to apply all changes.

A dialog opens to confirm to save the password security settings:

Confirmation Dialog
Figure: Confirmation Dialog

In case the saving has been performed successfully, a notification dialog opens:

Info Dialog
Figure: Save Information Dialog

Password Encryption

Per default, password encryption is disabled. To determine that password encryption is enabled, you can set the property Security.Password.Encryption in your server-side carnot.properties file to true.

This property should only be set once, otherwise the passwords are not readable anymore.

If this property is set to true, the Password Encryption checkbox is enabled. Note that you cannot edit the field.

Password Encryption
Figure: Password Encryption

You have the option to retrieve encrypted passwords from a file by using the console or sysconsole command provided by Infinity Process Platform. Please refer to the chapters Sysconsole Command and Console Command of the Infinity Process Platform Documentation - Operation Guide Sysconsole Command and Console Command in the Operation Guide of the Developers Handbook for detailed information on the appropriate commands and necessary parameters.