Configuring a Security Policy for Administrators

The security policy for administrators contains the password policy, session timeout threshold, certificate authentication and login policy. Configuring a security policy for administrators can improve system security.

Procedure

  1. On the menu bar, select Settings.
  2. In the navigation tree, choose System Administrator > Security Policy.
  3. Configure a security policy for administrators. Table 1 describes related parameters.

    Table 1 Security policy parameters of administrators

    Parameter

    Description

    Value

    Min. Length

    Minimum length of the administrator password. A complex password is recommended.

    The value can be selected from the drop-down list.

    [Example]

    8 characters

    Complexity

    Complexity of the administrator password. A complex password is recommended.

    The value can be selected from the drop-down list.

    [Example]

    The password must contain special characters, upper-case letters, lower-case letters, and digits.

    Password Validity

    Check whether a validity period needs to be set for the password. If yes, enable Password Validity.

    -

    Validate Period

    Validity period of the administrator password. When this period is reached, the system prompts you to change the password in time.

    This parameter is available only when Password Validity is enabled.

    [Value range]

    The value is an integer from 60 to 360.

    [Example]

    360

    Min. Password Retention Period

    Minimum lifespan of a new password.

    This parameter is available only when Password Validity is enabled.

    NOTE:

    If you set Min. Password Retention Period, and modify the password in the time of the Min. Password Retention Period, modify password fails.

    [Value range]

    The value is an integer from 1 to 9999.

    [Default value]

    5

    Timeout Period

    If the login administrator does not perform any operation within this period, the system displays a message indicating timeout upon the next operation. The administrator can click OK to go to the login page.

    [Value range]

    The value is an integer from 1 to 100.

    [Example]

    10

    Digital Certificate Authentication

    After certificate authentication is enabled, the certificates of the accessed services are verified to ensure that the services are secure and recognized by the system.

    -

    Wrong Input Count

    Number of allowed consecutive incorrect passwords. When the threshold is reached, the system automatically locks the administrator.

    NOTE:

    The default administrator admin can manually unlock the locked administrator. Alternatively, the locked administrator is automatically unlocked after the lock period ends.

    [Value range]

    The value is an integer from 1 to 9.

    [Example]

    3

    Lock Duration

    Lock period of the administrator. After the lock period ends, the administrator is automatically unlocked.

    This parameter applies to automatic locking only. A manually locked administrator can only be manually unlocked.

    [Value range]

    The value is an integer from 3 to 2000.

    Administrator test is automatically locked since the number of incorrect passwords reaches Wrong Input Count. For example, if Lock Duration is set to 3, the administrator is automatically unlocked by the system 3 minutes later.

    [Example]

    3

    First Login

    Whether to enable the policy of changing the password upon the first login of the interface interconnection account.

    After this function is enabled, new interface interconnection user can be used only after the password is changed.

    This function is enabled by default.

  4. Click OK.
Parent topic: System Administator
Copyright © Huawei Technologies Co., Ltd.