beautypg.com

Strong password rules, Enable user lockout, Figure 214 lockout settings – Raritan Engineering Command Center CC-SG User Manual

Page 193

background image

C

HAPTER

12:

ADVANCED ADMINISTRATION

177

Strong Password Rules

Strong password rules require users to observe strict guidelines when creating passwords, which
makes the passwords more difficult to guess and, in theory, more secure. Administrators can
enable or disable this feature

⎯ see the previous section Configure Security. When strong

passwords are enabled, a password change will be rejected unless it meets the following criteria:
• Passwords must be at least six characters long.
• Passwords must contain at least one alphabetical character and one non-alphabetical character

(number or punctuation symbol).

• The first four characters of the password and the username may not match.
Strong password rules apply only to user profiles stored locally. Password rules on an
authentication server must be managed by the authentication server itself. Passwords stored on
CC-SG should be managed by CC-SG and whatever rules it defines.

Enable User Lockout

Administrators can lock out CC-SG, CC-NOC users, and SSH users after a specified number of
failed login attempts. This features applies to users who are authenticated and authorized locally
by CC-SG and does not apply to users who are remotely authenticated by external servers, see
Chapter 9: Configuring Remote Authentication for additional information. Failed login
attempts due to insufficient user licenses also do not apply.

Note: By default, the

ccroot

account is locked out for five minutes after three failed login

attempts. For

ccroot

, the number of failed login attempts before lockout and after lockout is not

configurable.

1. On the Setup menu, click Security Manager. When the Security Manager screen appears,

click on the General tab.

2. Scroll down until you see Lockout Settings.

Figure 214 Lockout Settings

3. Click Lockout Enabled.
4. The default number of failed login attempts before a user is locked out is 3. You can change

this value by entering a number from 1 to 10.

5. Choose a Lockout Strategy:

a. If you choose Lockout for period and specify a period of time, in minutes, the user will

be locked out before they can login again. The default number is 5 minutes, but you can
specify anywhere from 1 minute up to 1440 minutes (24 hours). After the time expires,
the user can login again. At any time during the lockout period, an administrator can
override this value and allow the user to log back into CC-SG.

b. If you choose Lockout until admin allows access, this means that users are locked out

until an administrator allows them to log back in. To unlock a user, please see Chapter
10: Generating Reports for additional information.