Note |
---|
If you create a different password policy, remember to update the System Configuration → Advanced → Password Policy to use it. |
If you do not want to use PhixFlow's accounts to manage user access, but instead want to integrate PhixFlow with a single sign-on system, see:
See also pages in the PhixFlow User Administration topic.
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|
Using a Different Password Policy
To use a different password policy:
- In the repository browser, scroll to System Configuration and click to open its property tab; see System Configuration.
- Expand the Advanced section.
- In the Password Policy field, select the policy you require from the drop-down list.
Adding or Changing a Password Policy
To create or change a password policy, in the repository browser scroll down to the
Insert excerpt | ||||||
---|---|---|---|---|---|---|
|
Basic Settings
Note |
---|
Except for Minimum Length, an empty field means that PhixFlow does not apply a restriction. |
Field | Description | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|
Name | Name of the password policy | ||||||||||
Passwords must have at least: | |||||||||||
Minimum Length | The minimum number of characters in password. If this field is left empty, the minimum length is 1. | ||||||||||
Upper Case Chars | The minimum number of upper case characters [A-Z] in the password. | ||||||||||
Lower Case Chars | The minimum number of lower case characters [a-z] in the password. | ||||||||||
Numeric Chars | The minimum number of digits [0-9] in the password. | ||||||||||
Special Chars | The minimum number of special characters in the password. Allowed special characters are:
| ||||||||||
A new password cannot be the same as: | |||||||||||
A password used in the last N days | A new password cannot be the same as a password used previously within this number of days. | ||||||||||
Any of the last N passwords | A new password cannot be the same as any of this number of previous passwords. | ||||||||||
Passwords will expire: | |||||||||||
After a warning period of N Days | Passwords will expire after this number of days. | ||||||||||
... and a Grace Period of N Days | If a grace periods is configured, users will receive a warning about password expiry after the "Expiry Period" but the password will not expire until this additional number of days. | ||||||||||
Lock account after: | |||||||||||
Failed login attempts | The user's account will be locked after this number of unsuccessful login attempts. | ||||||||||
Password reset: | |||||||||||
Allow Reset |
When the user follows this link, they must answer a security question and then provide a new password.
| ||||||||||
Maximum reset attempts | The maximum number of attempts the user can make to reset their password. After this number of failed attempts, the user must contact their system administrator. | ||||||||||
Reset links valid for | The link in a reset email is valid for this number of minutes. A link older than this will be rejected. If no value is set, reset links are valid indefinitely. |