How to set up password policies for Vaultastic users

Set up password policies for Vaultastic users

Overview

Password policies help to strengthen security. They cover password complexity and length, password history, and password expiry. Define the password complexity and length as required.

Password complexity and length

  • The complexity policy defines the required level of password complexity, such as simple, complex, more complex, or no complexity at all.
  • Each complexity level constrains the minimum or maximum length of the password and the characters that can be used in the password string.
  • The complexity and history levels can be applied to all users of the domain.

Password History

  • The password history policy keeps a record of the passwords set by the user and requires the user to set a password that differs from those stored in the history.
  • The policy lets you decide the number of passwords to be stored in the history. If the number of passwords stored in the history is 1, the user must set a password different from the current one.

Password Expiry

  • The password expiry enables the administrator to force users to change their password regularly.
  • When the password expires, access to specified services is blocked, thereby forcing the user to reset his password.
  • It is possible to block services selectively or none at all - in which case the user will get only an alert mail about the password expiry.
  • The password expiry date is calculated by adding user's password age to his password time stamp (time when the password was last reset). If today's date matches the password expiry date, the user's password has expired and his access to the specified services is blocked. To continue accessing the services, the user has to change his password.
  • On changing the password, the user can access all the services again.
  • The feature has been designed to make it easy to apply and maintain for a large set of users.
  • WARNING: The password policy must be turned off manually for the system users, since mail alerts and similar messages are sent using system users. The system users are: catchall, exception, postmaster, support, webmaster, abuse, root, anonymous, monitor. Not doing this can cause serious consequences, such as the Tomcat service restarting automatically every 10 minutes.
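The history and expiry rules described above, together with the system-user warning, can be modelled in a short audit script. This is an added example, not Vaultastic's own code; the record field names, the example.com domain, and the use of PBKDF2 for the stored history are assumptions made for illustration.

```python
import hashlib, hmac, os
from datetime import date, timedelta

# System users listed in the warning above; the policy must be off for them.
SYSTEM_USERS = {"catchall", "exception", "postmaster", "support", "webmaster",
                "abuse", "root", "anonymous", "monitor"}

def _digest(password, salt):
    # Salted, slow hash so the history never holds plaintext passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def remember(history, password, depth):
    """Record the newly set password and keep only the newest `depth` entries."""
    salt = os.urandom(16)
    history.append((salt, _digest(password, salt)))
    history[:] = history[-depth:] if depth > 0 else []

def is_reused(history, candidate):
    """True if the candidate matches any password still held in the history."""
    return any(hmac.compare_digest(_digest(candidate, salt), stored)
               for salt, stored in history)

def expiry_date(last_reset, age_days):
    # Expiry date = password time stamp + password age.
    return last_reset + timedelta(days=age_days)

def audit(users, today):
    """Return (expired user ids, system user ids that still have expiry on)."""
    expired, misconfigured = [], []
    for u in users:
        if u["id"].split("@")[0] in SYSTEM_USERS:
            if u["expiry_enabled"]:
                misconfigured.append(u["id"])
            continue
        # ">=" also catches accounts that were not checked on the exact day
        # (assumption; the page describes the match on the expiry date itself).
        if u["expiry_enabled"] and today >= expiry_date(u["last_reset"], u["age_days"]):
            expired.append(u["id"])
    return expired, misconfigured

# Constructed sample records; field names and the domain are hypothetical.
SAMPLE_USERS = [
    {"id": "alice@example.com", "expiry_enabled": True,
     "last_reset": date(2024, 1, 1), "age_days": 90},
    {"id": "bob@example.com", "expiry_enabled": True,
     "last_reset": date(2024, 3, 1), "age_days": 90},
    {"id": "postmaster@example.com", "expiry_enabled": True,
     "last_reset": date(2023, 1, 1), "age_days": 90},
]
```

With a depth of 1 the history holds only the current password, so an older password becomes acceptable again as soon as it drops out of the list.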

Configuration

  • Configuring password policies helps to strengthen the security of the server.
  • A user with admin rights can perform all admin activities, which include configuring password policies.
  • Policies can be applied at the domain level or the user level.
  • Use the Admin Panel to configure frequently used properties.

Domain Configuration

Application: Admin Panel

Steps: Admin Panel > Domain Name > Password Policy

Frequently used domain properties:

  • Enable/disable the Password Expiry service for the domain.
  • Define the Password Complexity required.
  • Decide the Password Depth. The default value is 1, which specifies that the new password should be different from the current one.

User Configuration

Application: Admin Panel

Steps: Admin Panel > Domain > User > Password > Enter New Password

Frequently used user properties:

  • Set Password
  • Enable/disable the Password Expiry feature for the user
  • Decide the Password Age, that is, the number of days for which the password is valid after the last password change.