Purpose: This document describes the settings within the global preferences that can be edited through the global preferences editor.
Global Preferences Settings
The global preferences settings panel allows you to view/edit the global preferences for a security project.
Global Properties Settings Editor Fields
| Password Strength & Restrictions | ||
|---|---|---|
|
Typically, most users log on to their computer or application by using a combination of their name and password simply typed on a keyboard. Although alternative technologies exist for authentication, such as biometrics or smart cards, most organizations still rely on traditional passwords; therefore, it is important that password policies can be defined that mandate the use of strong passwords. These settings exist to enforce password strength within the system. | ||
 |
Maximum Length | Specifies the maximum length (number of characters) that a password can be within the system. This value can be between 14 and 28 characters. The default is 14. |
 |
Minimum Length | Specifies the minimum length (number of characters) that a password can be within the system. This value can be between 0 and 14 characters. The default is 6. If this value is set to 0, users are allows to have blank passwords. The recommended value for this setting is 6-8 characters.
Note: If Complex Passwords is enabled, and this value is set to less than 6 characters, then the minimum password length is enforced to be 6 characters. |
 |
Complex Passwords | Determines whether users are required to supply passwords that meet the minimum complexity requirements. Click here for a definition of what the system considers a complex password. If this box is checked, then the minimum password complexity requirements will be enforced any time a user's password is set or changed. |
 |
Minimum Time Between Password Changes | Determines the amount of time (in days, hours, and minutes) that a user must wait between password changes. For example, if the setting is 3 hours, then when a user changes his/her password he/she must wait 3 hours before his/her password can be changed again. |
 |
Maximum Password Age | Determines the amount of time (in days and hours) that a user can keep a password before it expires and must be changed. If this value is set to 0, then passwords will never expire and the system will never require users to change their passwords.
Note: This value can be overriden at the user level by specifying that the user's password will never expire. |
 |
Enforce Password History | Prevents users from using passwords they have used in the past, up to the number of passwords that specified. This value can be between 0 and 24. The default is 10. If the password history is configured to 0, then the password history feature is disabled. |
| Logon and Sessions | ||
 |
Deactivate Account | Indicates how many invalid logon attempts the system will allow on the account before the account is deactivated. The number of invalid logon attempts specified must occur within the amount of time specified for the account to be disabled. The default number of invalid logon attempts is 3, and the default amount of time is 1 minute. |
 |
Password Input Intervals | Specifies the amount of time a user must wait after an invalid logon attempt before he/she is allows to logon again. This forces a user to wait the specified amount of time after they enter an invalid password. The default amount if 5 seconds. |
 |
Session Inactivity Lock | The amount of inactivity the application will allow before the session is locked and the user must re-authenticate before continuing to use the application. The system will resume to is previous state after the session is unlocked. The default for this value is 20 minutes. If this value is set to 0, the application will never timeout.
Note: This value can be overriden at a user level. |
| Buttons | ||
 |
Edit, Save, and Cancel Buttons |
|