Tab Security
Use password policy: If YES, using the application will apply the password policy. If NO, the application will not apply any password policies.
Password expires after X days (0 means never): Here you can set the number of days a password will expire after creation if you use the password policy. Keep the default 0 if you don't.
Max. number of passwords keep in history: Set here the number of passwords to keep in history in case you use a password policy. If this parameter is set, you are not allowed to use any of the last x passwords kept in history when changing your password in accordance with the policy.
Minimum password strength: The parameter refers to the password strength. If set to Weak, the policy will accept a password with at least 6 digits or letters. If Good, the password should contain at least 7 different letters/digits, 1 special character and 1 capital letter. If Strong, the password must contain at least 9 different letters/digits and a combination of 4 different special characters and capital letters.
2 Factor Authentication: The parameter activates a security login option for users also using Astrow Mobile (MSS, ESS, or VT). When logging in Astrow Web, users will receive a notification in Astrow Mobile to confirm the authentication in Astrow Web. If Always, the confirmation of authentication will be requested each time a user logs in Astrow Web; if Random, the request will be made arbitrary.
Disable account after X failed consecutive logins: Here you can set after how many attempts of failed successive logins to deactivate a user account. By default, the parameter is set to 4, meaning that after 4 attempts to log in with a wrong password, the account is suspended (inactive) and can be reactivated only by a user with security permissions.
|