You can set up and configure a password policy for your
organization and associate it to user accounts in the organization
from the Applications Manager.
About configuring a password policy
You can set up and configure a password policy for your
organization and associate it to user accounts in the organization
from the Applications Manager.
Defining rules for a password policy
You can define and configure rules for the password policy
in the Application. Each rule has parameters for specifying one or
more policy definitions (password change, password length or password
reset).
Create an assignment rule
Assignment rules are applied when a password policy is
assigned to a user or an enterprise.
Create a login rule
Login rules are applied when a user logs into the application.
Login rules can be used to validate either the number of failed login
attempts by a user or the number of failed login attempts from a specific
URL. The login rule can also be used to check expiry of passwords.
Create a password change rule
Password change rules are applied when a password is changed
by a user. Password change rules can be used to validate password
length, strength, and the history that tracks previously used passwords.
Creating a password reset rule
Password reset rules are applied when a password is reset
due to invalid password entry or password expiry. Password reset rules
can be used to allow password resets for a user or an enterprise,
and modes of password resets, such as, e-mail, SMS or any other protocol.
Create a secret answer rule
Secret answer rules are applied during user authentication,
whenever a password is changed or reset. Secret answer rules can be
used to validate user answers against secret questions that are defined
for the organization. Secret answer rules can also be used to validate
and control the number of incorrect answers allowed to secret questions.
Modify a rule definition
Once all the rules and parameters are created, they are
displayed in the Password Rule Definition List panel.
Creating password policy parameters
Creating the rule sets up the framework for rule parameters.
Afterwards, you configure the password policy in order to specify
the actual value of the parameters that are required by the rule.
Configuring questions
The system allows you to define a set of questions for
user authentication during a new password request following password
expiry or a password reset. The questions are set at the organization
or enterprise level.