Page History

To configure the user security policy, do as follows:

1. Go to Settings → Options
(1) →
2.  → Security
Policy (2)
3. policy.
   Image Modified
Set
4. In the Minimum password length field, set the minimum password length
(3)
5. .
Set
6. In the Number of passwords in history field, set the number of the most recent passwords for each user to be stored in history
(4 )
7. . 0
– do
8. —do not store password history. If this value is
non-zero
9. different from 0, the passwords that are stored in history
may not be reused.
10. cannot be used when setting a new password.
11. In the Password validity period field, set the password validity period in days. After the validity period
Set the password expiration time interval in days (5). After the time interval
12. expires, the user
will be
13. is prompted to set a new password. 0
— the
14. —the password validity period never expires.
Select
15. In the Username and password must meet complexity requirements field, select the positions to meet complexity requirements:
nothing, password only, user name and password (6).

16. 1. Nothing.
    2. Password only.
    3. Username and password.
       

       Note
       title Attention!
       The requirements:

user name

17. 1. Username:

should contain no less than 6

18. 1. must contain at least six characters and at least

2

19. 1. two digits;

should

20. 1. must not include common role names, such as: user, admin, administrator,

admin1

21. 1. administrator1, root, super, superuser, supervisor.

The password has to

22. 1. Password must contain at least

8 characters, which should meet at least 3 requirements listed below:

23. 1. eight characters that must meet at least three requirements for passwords containing less than 10 characters and at least two requirements for passwords containing 10 or more characters: At least one uppercase letter; At least two lowercase letters; At least three digits; At least four special characters: . , : ; ! ? \ | / ( ) [ ] { } + − = < >" @ ' # * $ ` % ^ & _ ~.

24. at least 1 capital letter;
25. at least 2 lowercase letters;
26. at least 3 digits;
at least 4 special characters: !\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~
28. If you need to limit the number of sessions per user to one, set the
corresponding checkbox (7)
29. Prevent multiple logins of the same user account checkbox. This requirement also applies to
web
30. Web-Clients and mobile Clients.
Set

31. In the Maximum failed logon attempts field, set the number of failed

login

32. logon attempts to lock

a

33. the user's account

(8)

34. . 0

– no

35. —no account locking on incorrect passwords. If this value is

non-zero

36. different from 0, when a new user is created, they

will be

37. are given the name

user

38. User with a random number from 10000 to 99999. The name can be changed in the user settings.

    Note
    title Attention!
    When

unblocked

39. unlocked, the user is offered only one authentication attempt. A successful authentication

will reset the failed attempts counter to

40. resets the failed attempts counter to zero, otherwise the user account

will be blocked

41. is locked again.

Set
42. In the Account lockout duration field, set the duration of user account
locking
43. lockout on failed login attempts in minutes
(9)
44. . 0
– the
45. —the account can be unlocked by the administrator only (
see Locking a user account
46. see Configuring local users, Configuring LDAP users).
47. Click the Apply Image Added button.

Configuring the user security policy is complete.