View Source

Dataloy Knowledge Base > 2018/06/01 > Enforcing password security in Dataloy VMS > paulius-dragunas-627082-unsplash-compressed.jpg

The system can help our customers to enforce that passwords are not too simple, are not re-used, or have other weaknesses.

Your system administration (typically your superuser) can enable the features that enforce improved password security.

Security measures that can be enforced:

Mechanisms to ensure that the complexity of the password is high. (Password Complexity: Case sensitivity and prohibit inclusion of the username in the password)
Ensure that it is not possible to reuse old passwords (Password History)
Ensure that passwords are long enough (Password Length)
Ensure that the users are enforced to change their passwords after a configurable time. (Password Age)

Create the following properties in General Master Data under "Dataloy Property". (Administrator rights is required to change these settings)

Property Name	Value	Description
com.dataloy.password.history	number	Number of passwords before the same password can be reused
com.dataloy.password.minlength	number	Minimum length (number of characters) of the password
com.dataloy.password.complexity	true/false	Will check if password contains username
com.dataloy.password.expire	true/false	Maximum age of the password, forces the user to change her/his password when logging in. Number of days a user can have the same password is stored on the user in User Administration.
com.dataloy.policy.strict	true/false	When this setting is activated two additional fields will be made available in the "User Administration" module; Password Expires Every, value should be number of days before a password expires. Password Last Changed, the date for when the password was changed.