Enforcing password security in Dataloy VMS

The system can help our customers to enforce that passwords are not too simple, are not re-used, or have other weaknesses.

Your system administration (typically your superuser) can enable the features that enforce improved password security. 

Security measures that can be enforced:

  • Mechanisms to ensure that the complexity of the password is high.  (Password Complexity: Case sensitivity and prohibit inclusion of the username in the password)
  • Ensure that it is not possible to reuse old passwords (Password History)
  • Ensure that passwords are long enough (Password Length)
  • Ensure that the users are enforced to change their passwords after a configurable time. (Password Age) 

Configuring the system:

 Create the following properties in General Master Data  under "Dataloy Property". (Administrator rights is required to change these settings)

Property Name

Value

Description

com.dataloy.password.history

number

Number of passwords before the same password can be reused

com.dataloy.password.minlength

number

Minimum length (number of characters) of the password

com.dataloy.password.complexity

true/false

Will check if password contains username

com.dataloy.password.expire

true/false

Maximum age of the password, forces the user to change her/his password when logging in. Number of days a user can have the same password is stored on the user in User Administration.


com.dataloy.policy.stricttrue/false

When this setting is activated two additional fields will be made available in the "User Administration" module; 

Password Expires Every, value should be number of days before a password expires. 

Password Last Changed, the date for when the password was changed.