IWeb Administrator Guide |
The rules set here apply to all created users and become the default settings.
Only Registry Client users with System Administration permissions can change password rules. |
To set the password rules click the Administration > Settings > Password Rules link. Enter the information in the fields or select the appropriate options, then click Submit. The fields on this page are as follows:
Field | Description | |
Password Minimum Length |
Enter a whole number to force the number of characters a password must contain, or leave the default of 0 to not require a minimum length. |
|
Username Minimum Length |
Enter a whole number to indicate the username must be at least the designated number of characters. |
|
Expire After How Many Days |
Enter a whole number to force the password to terminate after the specific number of days passes, or leave the default of 0 days to not require the password to expire. |
|
Bad Login Attempts Permitted Before Lockout |
Enter a whole number to count the number of bad login attempts before locking the user out of the application. The default setting is 0, which indicates no limitation to the number of bad login attempts. |
|
Lockout Duration (After Bad Login Attempts) in Minutes |
Enter the number of minutes to enforce the lockout after the maximum number of bad login attempts is reached. The default setting is 0, which indicates none. |
|
Prevent Password Reuse in Number of Previous Passwords |
Enter the number of times the new password cannot duplicate a previous password. For example, if the number 5 is entered, users receive an error stating, Cannot reuse a password that has been used in the past 5 passwords. Please try another password. The default setting is 0 to indicate no limitation. |
|
Default User Password |
Enter a password to be given to new user accounts as the default password for all new users. |
|
Enable Case-Sensitive Passwords |
Select Yes to allow the use of case-sensitive passwords. Enabling this option stores the password in the exact upper and lowercase letters the user enters. If this option is enabled after users have already entered passwords, they must enter their passwords in all uppercase letters until the passwords are changed using case-sensitive characters. |
|
Require at Least One Number in Password |
Select Yes to require the use of at least one number in the password. Select No if numbers are not mandatory for passwords. |
|
Require at Least One Number in Username |
Select Yes to require the use of at least one number in the username. Select No if numbers are not mandatory for usernames. |
|
Require at Least One Uppercase Letter in Password |
Select Yes to require the user to enter at least one uppercase letter in the password. Works with the Enable Case-Sensitive Passwords option. |
|
Require at Least One Lowercase Letter in Password |
Select Yes to require the user to enter at least one lowercase letter in the password. Works with the Enable Case-Sensitive Passwords option. |
|
Require at Least One Special Character in Password |
Select Yes to require the user to enter at least one special character in the password. Examples: ! @ # $ % & * |
|
Restrict Username or User's Full Name from Being the Password |
Select Yes to prohibit the user from using their full name in their password. |
|
Show Forgot Password Link at Login |
Select Yes to display the Forgot Password link on the login page, which users can click to receive instructions on how to reset a forgotten password.
|
|
Show Change Password Link on the Menu |
Select Yes to display the Change Password link on the menu, which users can click to be directed to change their password.
|
|
Only Allow User-Created Passwords |
The Administration > Settings > Properties > Email Settings options must be configured in order to use this. Select Yes (and configure the email settings options) to allow users to create their own passwords (instead of adding them when the user accounts are created). The user's email address must be valid. After the user account is created, an email is sent to the user. The user clicks on the link in the email to open the Set New Password page. |
To exclude a specific user access level from a specific Organization (IRMS) from the password expiration rule, click the Password Exclusion Rules button. A pop-up window opens. Select the Organization (IRMS) from the drop-down list, after which the access levels that are currently included in the password expiration rule are listed in the first box. Select one or more access levels from the first box and click the right arrow (>>) button to move the access level(s) to the exclusion box (Access levels excluded from password expiration). Click Close when finished.
To re-include a specific user access level from a specific Organization (IRMS) to the password expiration rule, follow the above steps but move the user access level(s) from the second box (Access levels excluded from password expiration) to the first box (Access levels included in password expiration) using the left arrow (<<) button.