ServiceGrid Article - Password Policy
A password policy is defined for a company and is required for all users with this root company. By default, the password policy is enabled for all permission groups. If you click Assign Permission Groups in the master data screen of the password policy, you are able to enable or disable the password policy for some permission groups.
- MinPasswordLength - A password must have at least this length.
- MaxPasswordLength - A password cannot be longer than this value.
- MaxWrongPasswordAttempts - After this number of successive incorrect login attempts, the user account will be deactivated. After a successful login, the counting starts again. The user field DeactivationTime will not be set in this case of deactivation. The user field DeactivationTime will only be set in case of a manual deactivation by an administrator or an upload.
- PasswordHistoryLength -The count of old passwords that will be stored and checked against new passwords. A new password may not be equal to any of these old passwords.
- MinPasswordChangeIntervalHours - If set, the user is not able to change the password more than once within this time.
- PasswordDurationDays - The number of days that a password is valid. After this time, the user is forced to change the password upon login.
- MustUseCapitalFlag - The password must contain a capital letter.
- MustUseDigitFlag - The password must contain a digit.
- LoginnameNotPartOfPasswordFlag - This flag means that the password may not contain the login name. This check is not case sensitive.
Example: Loginname: BWalter; The password may not contain either BWALTER or bwalter. "MyPwdIsBWALter" would not be a valid password.
Loginnames containing $ signs are treated specially: all $ signs are stripped and the tested in the same manner. Therefore, a user with loginname $ff may contain ff in the password.
Exceptions for User Administration
The following two settings are used for changing a user's password as an administrator:
- DisablePasswordHistoryLengthFlag - It will not be checked, if the newly set password is already in the password history.
- DisableMinPasswordChangeIntervalHoursFlag - The administrator is able to change the password as often as desired.
For a complete list of Cisco ServiceGrid Articles, go to the List of Articles page.