Setting Security Policies for a Local Authentication User

Security policies for a local authentication user contain user name, password, and login policies. Proper settings of the security policies improve system security.

Procedure

  1. Choose Resources > Access > Authentication User > Windows Users > Local Authentication User.
  2. Select a desired account from the Account drop-down list in the upper left corner.
  3. Click Set Security Policy.

    The Set Security Policy page is displayed on the right.

  4. Configure the user name policy for local authentication users.

    Set Min. Length of user names to prevent you from setting an excessive short user name.

    The value is an integer ranging from 1 to 20.

  5. Configure a password policy for local authentication users.

    Table 1 describes related parameters.
    Table 1 Password policy parameters

    Parameter

    Description

    Password Length

    Length of a user password. Do not set a too simple or too long password.

    [Value range]

    The value is an integer ranging from 6 to 32.

    Password Complexity

    Complexity of a password, preventing you from setting an excessive simple password. Possible options are as follows:

    • A password must contain at least two of the following types: special characters, uppercase letters, lowercase letters, and digits. Special characters include !"#$%&'()*+,-./:;<=>?@[\]^`{_|}~, and spaces.
    • A password must contain special characters and at least two of the following types: uppercase letters, lowercase letters, and digits. Special characters include !"#$%&'()*+,-./:;<=>?@[\]^`{_|}~, and spaces.

    Duplicate Characters

    Maximum number of consecutive duplicate characters allowed in a password. Value 0 indicates unlimited.

    [Value range]

    The value is an integer ranging from 0 to 9.

    Password Validity Period (Days)

    Password validity period, in days. Value 0 indicates unlimited. After the validity period of a password expires, the system prompts you to change the password.

    [Value range]

    The value is an integer ranging from 0 to 999.

    Password Change Interval (Minutes)

    Minimum interval for changing a password. Value 0 indicates unlimited.

    [Value range]

    The value is an integer ranging from 0 to 9999.

  6. Set the login policy for local authentication users.

    Table 2 describes related parameters.
    Table 2 Login policy parameters

    Parameter

    Description

    Incorrect Password Attempts

    Maximum number of consecutive incorrect password attempts allowed during login. Value 0 indicates unlimited.

    If the number of consecutive incorrect password attempts on a node in 1 minute reaches the value, the user will be locked. The user will be unlocked after 1 minute.

    [Value range]

    The value is an integer ranging from 0 to 9.

    Idle Time Before Lockout (Days)

    If a user account has not been used to log in to the system for more than the specified number of days, the account will be locked. You need to manually enable the account. Value 0 indicates unlimited.

    [Value range]

    The value is an integer ranging from 0 to 999.

  7. Click OK.
Parent topic: Managing Local Authentication Users