Password Policy

If your company has a password policy, it can also be applied to the Astrow Web application in System - Tab Application Config. A password policy obliges users, first, to have a password, and then to change it after an interval defined for security reasons, using a password of at least a minimum strength. A limitation on the use of past passwords can also be set.
Use password policy: Set to YES to activate the password policy.
Password expires after X days (0 means never): Set the number of days after creation at which a password expires.
Max. number of passwords keep in history: Set here the number of passwords to keep in history for your password policy. If this parameter is set, you are not allowed to use any of the last x passwords kept in history when changing your password in accordance with the policy.
Minimum password strength: The parameter refers to the password strength. If set to Weak, the policy will accept a password with at least 6 digits or letters. If Good, the password should contain at least 7 different letters/digits, 1 special character and 1 capital letter. If Strong, the password must contain at least 9 different letters/digits and a combination of 4 different special characters and capital letters.
When the interval set for password expiry (if > 0) has passed, the user gets a notification at login to change the password and won't be able to enter the application. If a limitation on the use of old passwords was set (the parameter is > 1), the user won't be able to choose as the new password any of the last password(s) used in the past, until the limitation expires. For example, if the limitation is 2, the user won't be able to set the last password used or the one before it; if the limitation is 3, the user won't be able to use the last password used or the 2 before it.
The colored bar will guide you when changing the password:
When changing the password the user must set one with the strength defined in the system, otherwise the new password won't be accepted. This is the first validation made.
The second validation is made against the past passwords limitation. If your password is still in history, you are not allowed to use it.
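
The two validations described above, written out as an added example (this is not Astrow code). The exact reading of the Good and Strong rules, the function names, and the salted PBKDF2 storage of the history are assumptions of this example; the sample passwords are constructed.

```python
import hashlib
import hmac
import os
import string

LEVELS = ["Weak", "Good", "Strong"]  # policy levels named on the page
ITERATIONS = 200_000  # example value, not an Astrow setting

def strength(password):
    """Return the highest level met, or None if below Weak (assumed reading)."""
    alnum = [c for c in password if c.isalnum()]
    capitals = {c for c in password if c.isupper()}
    specials = {c for c in password if c in string.punctuation}
    good = len(set(alnum)) >= 7 and bool(capitals and specials)
    # Strong: 9 different letters/digits plus 4 different specials/capitals combined
    if good and len(set(alnum)) >= 9 and len(capitals | specials) >= 4:
        return "Strong"
    if good:
        return "Good"
    return "Weak" if len(alnum) >= 6 else None

def hash_password(password, salt=None):
    """Salted PBKDF2 record for the history list (storage format is an assumption)."""
    salt = salt or os.urandom(16)
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def in_history(password, history, limit):
    """history: list of (salt, digest), newest last; limit: passwords kept."""
    recent = history[-limit:] if limit > 0 else []  # history[-0:] is the whole list
    return any(hmac.compare_digest(hash_password(password, s)[1], d)
               for s, d in recent)

def validate_change(password, history, min_strength, limit):
    """Apply the two validations in the order the page gives."""
    level = strength(password)
    if level is None or LEVELS.index(level) < LEVELS.index(min_strength):
        return "rejected: strength"   # first validation
    if in_history(password, history, limit):
        return "rejected: history"    # second validation
    return "accepted"

if __name__ == "__main__":
    # Constructed sample passwords, oldest first
    past = [hash_password(p) for p in ["OldPass1!x", "Abcdefg1!", "Zyxwvut9#"]]
    for candidate in ["abc123", "Abcdefg1!", "OldPass1!x", "ABcdefgh1!?"]:
        print(candidate, "->", validate_change(candidate, past, "Good", 2))
```

With a history limit of 2, the third-oldest password is accepted again; raising the limit to 3 rejects it.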