Configuring automatic response when Axxon One integrity check fails

IP address filtering configuration

To configure the user security policy, do as follows:

  1. Go to SettingsOptions → Security policy.
  2. In the Minimum password length field, set the minimum password length.
  3. In the Number of passwords in history field, set the number of the most recent passwords for each user to be stored in history. 0—do not store password history. If this value is different from 0, the passwords that are stored in history cannot be used when setting a new password.
  4. In the Password validity period field, set the password validity period in days. After the validity period expires, the user is prompted to set a new password. 0—the password validity period never expires.
  5. In the Username and password must meet complexity requirements field, select the positions to meet complexity requirements:
    1. Nothing.
    2. Password only.
    3. Username and password.

      The requirements:

      • Username:
        • must contain at least six characters and at least two digits;
        • must not include common role names, such as: user, admin, administrator, administrator1, root, super, superuser, supervisor.
      • Password must contain at least eight characters that must meet at least three requirements for passwords containing less than 10 characters and at least two requirements for passwords containing 10 or more characters:
        • At least one uppercase letter;
        • At least two lowercase letters;
        • At least three digits;
        • At least four special characters: . , : ; ! ? \ | / ( ) [ ] { } + − = < >" @ ' # * $ ` % ^ & _ ~.
  6. If you need to limit the number of sessions per user to one, set the Prevent multiple logins of the same user account checkbox. This requirement also applies to Web-Clients and mobile Clients.

  7. In the Maximum failed logon attempts field, set the number of failed logon attempts to lock the user's account. 0—no account locking on incorrect passwords. If this value is different from 0, when a new user is created, they are given the name User with a random number from 10000 to 99999. The name can be changed in the user settings.

    When unlocked, the user is offered only one authentication attempt. A successful authentication resets the failed attempts counter to zero, otherwise the user account is locked again.

  8. In the Account lockout duration field, set the duration of user account lockout on failed login attempts in minutes. 0—the account can be unlocked by the administrator only (see Configuring local usersConfiguring LDAP users).
  9. Click the Apply button.

Configuring the user security policy is complete.

If any user accounts created in your system before you applied changes in security policy are incompatible with the new requirements, the users are prompted to change their credentials upon their next login.