Password Policy Configuration
Securing user data is of paramount importance, and one of the primary defenses against unauthorized access is a robust password policy. By enforcing stringent password requirements, organizations significantly reduce the risk of credential-based breaches such as password guessing, credential stuffing and reuse of leaked passwords.
The Password Policy Configuration is the set of rules the application enforces to improve security by requiring users to choose strong passwords, to handle them properly, and to prove their identity with a second factor where that is enabled.
Password Configuration Settings:
- Enabling Password Policy:
  - Enable the below-specified password policy configurations: When checked, the settings listed below are enforced. When unchecked, none of them apply, regardless of how they are filled in.
- Hint Configuration:
  - Hint to be shown when the password policies are not satisfied: A custom message displayed to users whose new password does not meet the configured rules. State the rules themselves (minimum length, required character classes) so users can correct the password without guessing.
- Incorrect Password Attempts:
  - Disable user on incorrect password attempt: When checked, a user account is disabled after the configured number of consecutive incorrect password entries.
  - Number of incorrect password attempts allowed before disabling user: The number of consecutive wrong entries that triggers the lockout. Choose a value low enough to stop online guessing but high enough that a mistyped password does not lock out a legitimate user; because the lockout is keyed to the username, anyone who knows a username can deliberately trip it, so watch for repeated lockouts of the same accounts.
- Password Complexity:
  - Include at least one uppercase character in the password: Passwords must contain at least one capital letter.
  - Include at least one lowercase character in the password: Passwords must contain at least one small letter.
  - Include at least one number in the password: Passwords must contain at least one numeric digit.
  - Include at least one special character in the password: Passwords must contain at least one special character (e.g., !, @, #).
- Reuse of Passwords:
  - Allow reuse of previous passwords: If checked, users may reuse passwords they have used before. The conservative choice is to leave this unchecked.
  - Number of past passwords to be allowed: Define how many of the user's previous passwords may be reused. This field only has an effect when the checkbox above is set.
- Password Length:
  - Minimum password length required: The minimum number of characters a password must have. Length contributes more to guessing resistance than any single character-class rule, so do not set this below the values above would suggest.
- Admin Controls:
  - Allow force reset of user password: When checked, the system can force users to reset their password.
  - Enable Reset Password on password change by Admin: If enabled, a password set manually by an admin is treated as temporary and the user is prompted to change it at the next login, so the admin never ends up knowing a user's working password.
- Password Expiry:
  - User password expires in: The number of days after which a user's password expires and must be changed.
- Notifications:
  - Send Notification to Users: If enabled, users are notified of password-related events such as an upcoming expiry or a forced reset.
  - Force reset password message: A custom message that informs users about a forced password reset.
- Account Inactivity:
  - Allow auto lock of user account in case of extended account inactivity: Enable this to lock accounts that have not been used for a set period, which removes dormant accounts from an attacker's pool of targets.
  - Set account lockdown period: The number of days of inactivity after which the account is locked.
- Two-Factor Authentication (2FA):
  - Enable: When checked, users must complete a second verification step (e.g., a one-time code sent by phone or email) after entering their password.
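The settings above describe a policy; the following Python shows how such a policy is enforced at login and at password change. This is an added example written for this page, not Vymo's own code: the POLICY dictionary and its key names are our own assumptions that mirror the settings listed above, and the storage (a salted PBKDF2 history, a consecutive-failure counter, a change timestamp) is one reasonable way to back them, not a description of Vymo's implementation.

```python
import hashlib
import hmac
import os
from datetime import datetime, timedelta, timezone

# Hypothetical policy record mirroring the settings described on this page. The keys
# and values are our own assumptions for the example, not Vymo's configuration.
POLICY = {
    "min_length": 12,
    "require_upper": True,
    "require_lower": True,
    "require_digit": True,
    "require_special": True,
    "allow_reuse": False,       # "Allow reuse of previous passwords" left unchecked
    "history_depth": 5,         # how many stored past passwords a new one is compared with
    "max_failed_attempts": 5,   # "Disable user on incorrect password attempt" threshold
    "expiry_days": 90,          # "User password expires in"
    "hint": "Use at least 12 characters including upper, lower, digit and special.",
}

SPECIAL_CHARS = set("!@#$%^&*()-_=+[]{};:'\",.<>?/\\|`~")


def check_complexity(password, policy=POLICY):
    """Return the names of the rules the candidate violates (an empty list means it passes)."""
    failures = []
    if len(password) < policy["min_length"]:
        failures.append("min_length")
    if policy["require_upper"] and not any(c.isupper() for c in password):
        failures.append("uppercase")
    if policy["require_lower"] and not any(c.islower() for c in password):
        failures.append("lowercase")
    if policy["require_digit"] and not any(c.isdigit() for c in password):
        failures.append("digit")
    if policy["require_special"] and not any(c in SPECIAL_CHARS for c in password):
        failures.append("special")
    return failures


def hash_password(password, salt=None):
    """Salted PBKDF2-HMAC-SHA256; the history keeps (salt, digest) pairs, never plaintext."""
    salt = os.urandom(16) if salt is None else salt
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 200_000)


def matches(password, entry):
    """Constant-time comparison of a candidate against one stored (salt, digest) entry."""
    salt, digest = entry
    return hmac.compare_digest(hash_password(password, salt)[1], digest)


def days_after(dt, days):
    return dt + timedelta(days=days)


class Account:
    def __init__(self, password, policy=POLICY, now=None):
        self.policy = policy
        self.history = []          # most recent password last
        self.failed_attempts = 0
        self.disabled = False
        result = self.set_password(password, now)
        if result != "ok":
            raise ValueError(result)

    def set_password(self, new_password, now=None):
        """Apply the complexity and reuse rules; returns "ok" or the hint plus the failed rules."""
        failures = check_complexity(new_password, self.policy)
        if failures:
            return self.policy["hint"] + " Failed: " + ", ".join(failures)
        depth = self.policy["history_depth"]
        recent = self.history[-depth:] if depth else []
        if not self.policy["allow_reuse"] and any(matches(new_password, e) for e in recent):
            return "password was used recently; choose a different one"
        self.history.append(hash_password(new_password))
        self.changed_at = now or datetime.now(timezone.utc)
        self.failed_attempts = 0
        return "ok"

    def login(self, password, now=None):
        """Returns "ok", "expired", "bad_password" or "disabled"; N consecutive failures disable the user."""
        if self.disabled:
            return "disabled"
        if not matches(password, self.history[-1]):
            self.failed_attempts += 1
            if self.failed_attempts >= self.policy["max_failed_attempts"]:
                self.disabled = True   # stays disabled until an admin re-enables it
                return "disabled"
            return "bad_password"
        self.failed_attempts = 0       # a correct password resets the counter
        now = now or datetime.now(timezone.utc)
        if now - self.changed_at > timedelta(days=self.policy["expiry_days"]):
            return "expired"           # correct password, but the user must change it
        return "ok"
```

Two design points worth noting: the failure counter is reset only by a successful login, so an attacker cannot interleave guesses with a victim's own logins to stay under the threshold, and a correct password on an expired account is reported as "expired" rather than "ok" so the caller routes the user to a change-password screen instead of a session.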
How to set the password policy
Step-by-step Guide:
- Log into the Vymo web application.
- Click on the gear icon located in the upper-right corner to go to self-serve.
- Navigate to the "User Management" section and select "Password Policies."
- Define your password policy according to the organization's security standards.
- Click "Save" to store the drafted changes.
- To implement the changes, select "Release changes" and confirm with "Yes, Proceed."
- Detail the release information and provide your email ID to receive a one-time password (OTP) for verification.
- Input the received OTP and await the confirmation indicating completion.
- To view and test the implemented changes, log out and then log back into the application.
Two-factor authentication (2FA)
Two-factor authentication adds an extra layer of security by requiring two methods (also known as factors) to verify your identity. These factors can include something you know (like a password or PIN), something you have (like a smartphone or a security token), or something you are (like your fingerprint). 2FA is designed to prevent unauthorized access even if someone knows your password.
Step-by-step Guide:
- Navigate to the "Two-Factor Authentication" section under "Password Policies".
- Check the "Enable" option to activate 2FA for the user base.
- Configure the desired 2FA method and set the parameters such as OTP length, resend timer, and maximum resend attempts.
- Save the configurations and release the changes to apply them across the organization.
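The three parameters in the guide above (OTP length, resend timer, maximum resend attempts) are what keep an emailed or texted code from being brute-forced or used to flood a user with messages. The Python below is an added example written for this page, not Vymo's code: it is a hypothetical server-side challenge object whose constructor arguments mirror those three settings (plus a code lifetime and a wrong-guess limit, which are our own additions), and the `now` arguments are injected so the timing rules can be exercised without a clock.

```python
import hashlib
import hmac
import secrets

# Hypothetical server-side second-factor challenge, written for this page as an added
# example. Parameter names mirror the page's "OTP length", "resend timer" and "maximum
# resend attempts" settings but are our own, not Vymo's configuration keys.
SERVER_KEY = secrets.token_bytes(32)   # per-process key used to keep only a keyed hash of each code


class OtpChallenge:
    def __init__(self, otp_length=6, resend_after_s=30, max_resends=3,
                 ttl_s=300, max_verify_attempts=5):
        self.otp_length = otp_length
        self.resend_after_s = resend_after_s
        self.max_resends = max_resends
        self.ttl_s = ttl_s
        self.max_verify_attempts = max_verify_attempts
        self.resends = 0
        self.verify_attempts = 0
        self.consumed = False
        self._digest = None
        self.sent_at = None

    def _issue(self, now):
        # Codes come from the OS CSPRNG (never random.random()); the object stores an HMAC
        # of the code, so a database read does not reveal live codes.
        code = "".join(secrets.choice("0123456789") for _ in range(self.otp_length))
        self._digest = hmac.new(SERVER_KEY, code.encode(), hashlib.sha256).digest()
        self.sent_at = now
        self.verify_attempts = 0
        return code   # hand this to the SMS/email sender; it is not kept

    def start(self, now):
        """Issue the first code for this login attempt."""
        return self._issue(now)

    def resend(self, now):
        """Return a fresh code, or None if the resend timer has not elapsed or the quota is spent.
        A successful resend invalidates the previously sent code."""
        if self.consumed or self.resends >= self.max_resends:
            return None
        if now - self.sent_at < self.resend_after_s:
            return None
        self.resends += 1
        return self._issue(now)

    def verify(self, code, now):
        """Returns "ok", "invalid", "expired", "locked" or "used"."""
        if self.consumed:
            return "used"                       # a code is single-use
        if self.verify_attempts >= self.max_verify_attempts:
            return "locked"                     # too many wrong guesses against this challenge
        if now - self.sent_at > self.ttl_s:
            return "expired"
        self.verify_attempts += 1
        got = hmac.new(SERVER_KEY, code.encode(), hashlib.sha256).digest()
        if len(code) == self.otp_length and hmac.compare_digest(got, self._digest):
            self.consumed = True
            return "ok"
        return "invalid"
```

With a 6-digit code and five guesses per challenge, an attacker's chance per login attempt is about 5 in a million, which is why the wrong-guess limit matters as much as the code length; the resend timer and quota bound how many messages an attacker who knows only a username can cause to be sent to the victim.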