Implementing Password Security Rules

4 min

this functionality portrays the configuration of system usage passwords configuration of system usage passwords , providing a higher level of security with the usage of different characters ⚠️ attention ! this security policy is not available for ldap users from version helium 2 1 0 , when updating the application, the system will automatically configure the following parameters of the privacy policy screen the " enable password policy " field will be configured as enabled; the " minimum size " field will be set to 8; the " require " field will come with lowercase, uppercase, numbers, and symbols options configured as enabled; the " new password " field cannot be equal to the previous ones, it will be set in 2; the " require password " change on the first login field will be configured as enabled; the " password duration " field will be set as 2 months the system will require changing the password at the first login, after an update or installation; for updates, if the password policy is already enabled, the system will respect the client's settings; if the application has its version changed again in less than 2 months, set in the initial configuration, the system will not request a password change for local users who have already made the change; these settings will only be valid for local users; by enabling the " user blocking policy ", the administrator authorizes the blocking of external or internal users; the use of captcha changes the way of logging in, having an extra method of authentication; the administrator, if enabling user blocking, can send e mail to those responsible for system security procedure access the main menu system > settings > policy settings ; enable the " enable password security policy " key; in the " password force " field, the manager must define the minimum number of password characters (minimum value of 8) and it will contain requirements of uppercase letter, lower case, numbers, and symbols ; define the number of previous passwords in which the new one cannot be equal, in the limiter " the new password cannot be the same as the previous ones "; for new users, the password change can be defined by clicking on the " require password change on the first login " key ; in the " password expiration " field, define the time to expire the password; for users who are already in operation, it's possible to force the password change of the new configuration, from the next login, click on the key " force password change at next login for all users "; from version 9 1 2 23 or 9 2 1 0 , new parameters were added 8\ enable the " enable user blocking policy " key a symbol with an " i " stating that will be considered for both internal and external logins; 9\ enable the " enable captcha at login " key this functionality enables a mandatory check for connections of all users in the system; during the login; 10\ in the user blocking field, the administrator must define the minimum number of successive errors of credentials for user blocking, this blocking occurs for both internal and external users and the unlocking is performed inside the product; 11\ define the time of successive credential errors from the last minutes to block the user this field is linked to the " block user after successive credential errors " field since the system needs a time parameter to compare the amount of error in a certain period of time and do not consider the user to be blocked if they are not within the defined time limit for reaching the number of attempts to block; 12\ in the " notifications " field, the following must be defined send security alert to the group inform the group to whom the alert email will be sent in case of the blocked user for exceeding the configured attempts; send security alerts to e mails inform the e mail of possible employees who should be alerted in case of user blocking e mails must be separated by a comma and with no space between them and no space at the end; ⚠️ attention ! if the system identifies the e mail of the user to whom the access was blocked, this user will also receive a blocking e mail the blocking e mail template is not available for change in this version 13\ click on " save "