Password Policy
Last updated
Last updated
New role as a 'Super Admin' who have highest access level on every platform
Users should be permitted to change their passwords no more than once per 24 hours, with the configuration of this policy differing for each network.
After the configured number of consecutive failed login attempts within 5 minutes, the account should be locked for the configured amount of time. By default, 5 times will lock for 1 hour.
Users should not be able to set passwords that match any of their last previously passwords. the previous password range is network-configurable, with a default of last 5 passwords.
Super Admin and also Normal User (Agent) should be prompted to change their password every X days.
| User Type | Minimum char | Maximum char | Special requirement |
|---|---|---|---|
| Policy | Minimum | Maximum | Configurable |
|---|---|---|---|
| Policy | Minimum | Maximum | Configurable |
|---|---|---|---|
| Policy | Minimum | Maximum | Configurable |
|---|---|---|---|
| User Type | Minimum (day) | Maximum (day) | Configurable |
|---|---|---|---|
Normal User
*Policy enforced for all users
8
-
a combination of alphanumeric characters
uppercase and lowercase letters
special characters
Super Admin *Configurable by network
8
99
a combination of alphanumeric characters
uppercase and lowercase letters
special characters
Password Change Frequency
1
12
Number of fail attempts
1
12
Range of time to locked account
5
180
Retention limit
1
12
Normal User
30
1095
Super Admin
30
1095
