Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Form: Password Policy Details

The form provides the standard form icons

The following fields are configured:

FieldDescription
NameName of the password policy
Passwords must have at least:
Minimum Length

The minimum length of the password. If blank, the minimum length is 1.

Upper Case CharsThe minimum number of upper case characters [A-Z] in the password.
Lower Case CharsThe minimum number of lower case characters [a-z] in the password.
Numeric CharsThe minimum number of digits [0-9] in the password.
Special CharsThe minimum number of special characters in the password ( \ ! " # $ % & ( ) * + , . / : ; < = > ? @ [ ] ^ _ { | } ~ ).
A new password cannot be the same as:
A password used in the last N daysA new password cannot be the same as a password used previously within this number of days.
Any of the last N passwordsA new password cannot be the same as any of this number of previous passwords.
Passwords will expire:
After a warning period of N DaysPasswords will expire after this number of days.
... and a Grace Period of N DaysIf a grace periods is configured, users will receive a warning about password expiry after the "Expiry Period" but the password will not expire until this additional number of days.
Lock account after:
Failed login attemptsThe user's account will be locked after this number of unsuccessful login attempts.
Password reset:
Allow Reset

If ticked, a user can request a password-reset link to be emailed to his their configured email address.

When the user follows this link, he they must answer one of his previously configured security questions and provide a new password.

Note that emails sent for password resets will have the from address that has been set as the System Email Address in System Configuration.

Maximum reset attempts

The maximum number of attempts the user can make to reset his their password. After this number of failed attempts, the user should contact his their system administrator.

Reset links valid for

The link in a reset email is valid for this number of minutes. A link older than this will be rejected.

If no value is set, Reset links are valid indefinitely.

Description
DescriptionOptional: a description of the password policy.

...