Setting Security Policies for a Local Authentication User

Security policies for a local authentication user contain password and login policies. Proper settings of the security policies improve system security.

Procedure

  1. Choose Services > File Service > Authentication User > Windows Users > Local Authentication User.
  2. Click Set Security Policy.

    The Set Security Policy page is displayed on the right.

  3. Configure the user name policy for local authentication users.

    Set Min. Length of user names to prevent you from setting overly short user names.

    The value is an integer ranging from 1 to 20.

  4. Configure the password policy for local authentication users.

    Table 1 describes related parameters.
    Table 1 Password policy parameters

    Parameter

    Description

    Length

    Indicates the length of the user password. Do not set a too simple or too long password.

    [Value range]

    The value is an integer ranging from 6 to 32.

    Password Complexity

    Indicates the complexity of a password, preventing you from setting overly simple passwords. Possible values are:

    • A password must contain at least two of the following types: special characters, uppercase letters, lowercase letters, and digits. Special characters include !"#$%&'()*+,-./:;<=>?@[\]^`{_|}~ and spaces.
    • A password must contain special characters and at least two of the following types: uppercase letters, lowercase letters, and digits. Special characters include !"#$%&'()*+,-./:;<=>?@[\]^`{_|}~ and spaces.

    Max. Consecutive Duplicate Characters

    Indicates the maximum number of consecutive duplicate characters allowed in a password. 0 indicates unlimited.

    [Value range]

    The value is an integer ranging from 0 to 9.

    Password Validity Period

    Indicates the password validity period, in days. 0 indicates unlimited. After the validity period of a password expires, the system prompts you to change the password.

    [Value range]

    The value is an integer ranging from 0 to 999.

    Change Interval

    Indicates the minimum interval for changing a password. 0 indicates unlimited.

    [Value range]

    The value is an integer ranging from 0 to 9999.

  5. Set the login policy for local authentication users.

    Table 2 describes related parameters.
    Table 2 Login policy parameters

    Parameter

    Description

    Incorrect Password Attempts

    Indicates the maximum number of consecutive incorrect password attempts allowed during login. 0 indicates unlimited.

    If the number of consecutive incorrect password attempts for a single node in 1 minute exceeds the value, the system automatically locks the user. The user will be unlocked after 1 minute.

    [Value range]

    The value is an integer ranging from 0 to 9.

    Idle Time Before Lockout

    If a user account has not been used to log in to the system for more than the specified number of days, the account will be locked. You need to manually enable the account. 0 indicates unlimited.

    [Value range]

    The value is an integer ranging from 0 to 999.

  6. Click OK.
Parent topic: Managing Local Authentication Users