Enforcing password security in Dataloy VMS
The system can help our customers to enforce that passwords are not too simple, are not re-used, or have other weaknesses.
Your system administration (typically your superuser) can enable the features that enforce improved password security.
Security measures that can be enforced:
- Mechanisms to ensure that the complexity of the password is high. (Password Complexity: Case sensitivity and prohibit inclusion of the username in the password)
- Ensure that it is not possible to reuse old passwords (Password History)
- Ensure that passwords are long enough (Password Length)
- Ensure that the users are enforced to change their passwords after a configurable time. (Password Age)
Configuring the system:
Create the following properties in General Master Data under "Dataloy Property". (Administrator rights is required to change these settings)
Property Name | Value | Description |
---|---|---|
com.dataloy.password.history | number | Number of passwords before the same password can be reused |
com.dataloy.password.minlength | number | Minimum length (number of characters) of the password |
com.dataloy.password.complexity | true/false | Will check if password contains username |
com.dataloy.password.expire | true/false | Maximum age of the password, forces the user to change her/his password when logging in. Number of days a user can have the same password is stored on the user in User Administration. |
com.dataloy.policy.strict | true/false | When this setting is activated two additional fields will be made available in the "User Administration" module; Password Expires Every, value should be number of days before a password expires. Password Last Changed, the date for when the password was changed. |