Defining password compliance

Top  Previous  Next

JSCAPE MFT Server may be configured to require that user passwords meet certain requirements.  To configure password requirements, click on the Compliance node in JSCAPE MFT Server Manager.

 

Figure 106

 

clip0106

 

 

Minimum password length of - Requires that password contain the minimum number of defined characters.

 

Minimum password age of - Sets a minimum to the number of hours at which passwords may be changed. Administrators will be able to change passwords regardless of this setting.

 

Maximum password age of - Requires that user passwords be changed before reaching maximum password age.  This option can be overridden at the user level by enabling the Ignore password aging rules option.

 

Email password change reminder - Emails a password change reminder to the email address associated with user the defined number of days before password reaches maximum password age.  To function correctly an SMTP server must be configured under Settings > Email in JSCAPE MFT Server Manager.  Note, email reminders are sent daily, approximately 10 minutes after start of JSCAPE MFT Server and every 24 hours thereafter.

 

Password must not match previous - Requires that new passwords must not match the defined number of previous passwords.

 

Require password reset on first time login - Requires new users to reset their passwords the first time they login.

 

Deny login for password non-compliance - If enabled, user password will be verified at time of login to check that it meets compliance requirements.  If it matches user password but does not meet compliance requirements then user will be denied login.

 

Required characters - Passwords must contain the selected characters.

 

FIPS compliance - If switched ON, administrators will not be allowed to change allowed ciphers, whether through the GUI or administrative API.