Security Protocols

Parent Previous Next

Security Protocols

  1. Username Length - System can be set to require a username between 1 and 10 characters in length.
  2. Password Length - System can be set to require a password between 1 and 15 characters in length. There is a System Option, Password Required Numeric Characters in the Security module, which can be set to require a certain number of numeric characters.
  3. Password Expiration - System may be set to expire passwords after 1 to infinite1 days using the calendar.
  4. Grace Logins - System can be set to have 1 to infinite1 grace logins after a password has expired. User is asked if they would like to change their password and are taken to the change password screen if they answer yes. If the user fails to change the password in the set number of grace logins the account will be disabled and a system administrator will have to reactivate it.
  5. Password History - When using Password expiration, the system holds last 5 passwords and does not allow them to be used again.
  6. Password Minimum time between changes - System can be set to not allow a password to be changed until 0 - infinite1 days have passed since the last password change.
  7. Failed Login Attempts - System can be set to lock out an account after 1 to infinite1 failed login attempts. Failed attempts are not per session, that is, exiting the menu and restarting or trying from a different machine doesn't reset the count to 0
  8. Lock Out Duration - System can be set to keep a user locked out for 1 to infinite1 minutes, hours, or days after failing to login correctly. Also lock out can be set to permanent.
  9. Password Force Change - System can be set to force users to change a password that has been set by a system administrator via the User Master File. These passwords will be set as expired and the user will have the set number of grace logins to change it.
  10. Account Inactivity - System can be set to deactivate an account if it has been inactive for 1 - infinite1 days.
  11. Temporary Users - Users can be setup as temporary and a date set for when the account will become inactive.
  12. Login Tracking - System can be set to track all logins and logouts (A), only failed logins (F), or no tracking at all (N), based on System Option, Login Tracking Type.
  13. Login Tracking Purging - System can be set to delete tracking records older than 1 - infinite1 days.
  14. Infinite - 2,147,483,647 is the maximum setting for all infinite fields.

 

There is a System Option, SQL Database Names, under the System module, that will allow users with multiple databases on the server to update both databases when a password changes.

There is a System Option, Password Required Special Characters, under the Security module, in which the user may set a number for non-alpha numeric characters to be required in the password.