Configuring Authentication Group Settings
Configure the password validation requirements for an authentication group in the Password Validation section of the Auth Groups module.
The following settings are available:
Group Details
| Property | Description |
|---|---|
| Authentication Group Name | Specify the name for this authentication group. |
| Group Members | List of applications in this authentication group. |
Password Validation
Caution
If you select any custom password requirements, be sure to create a custom requirements description to make customers aware of your password policies.
This section contains settings that describe the type of password required and the lifetime of a password. See Configuring Passwords for more details about password requirements and password strength.
| Property | Description |
|---|---|
| Expiry Interval | Length of time in days before a password expires. |
| Reuse limit |
Prevent users from re-using the same password. This is the number of old passwords that are checked for duplicates when a user chooses a new password. For example, if this is set to 3, a user may not re-use any of their previous three passwords as their new password. |
| Strength | Calculated password strength. See Configuring Passwords |
| Party Details Check |
Prevent users from using easily guessable personal details such as their name or address as passwords. Select this check box to compare a new password with details from the user's party record. |
| Requirements | Password pattern. Choose from one of the built-in options. See Configuring Passwords |
| Requirements Expression | Regular expression that describes the password pattern. This is not editable. |
| Requirements Description |
Description of the password requirements. This is displayed to users when they set their password. You can choose a custom message if you prefer. |
System Lockout Details
Provides a way to lock the system during maintenance or upgrades. To lock out a specific user, use the Parties module. See Preventing a Party from Logging In for details.
| Property | Description |
|---|---|
| System Lockout | Select this checkbox to prevent any user except a System Administrator from logging in to the authentication group. |
| System Lockout Message | Message displayed when a user tries to log in to a locked system. |
Authentication Configuration
Specifies what happens when a user fails to log in successfully.
| Property | Description |
|---|---|
| User Lockout Message | Message displayed when a user tries to log in when their personal account is locked. |
| Account Disabled Message | Message displayed when a user tries to log in when their personal account is locked. |
| Lock Account After X Failed Attempts | Number of failed attempts before a user account is locked |
| Lock Account for X Seconds |
Length of time for which to lock a user account when they have reached the lockout limit. This is used to deter unauthorised people from trying to log in by entering many password permutations. |
| Disable Account After X Failed Attempts | Number of failed attempts before a user account is disabled. At this point, the user must apply for a new password to re-enable their account. |