Password security

On the Administration > Appliance Security > Password Security page, a user logged into an Administrator account can specify password security settings for all users. This page has three sections:

  • Password Requirements – specifies password length, case usage, and requirement for non-alphabetic and numeric characters. For changed passwords, specifies the minimum number of positions that need to be changed between the new and old passwords. Specifies the number of the number (from 1 to 16) of previous passwords the appliance should save and test to ensure that the user is not recycling a small set of passwords. Also specifies the lifespan of a password. When a password expires, the user is forced to change it upon their next login.

  • Login Settings – allows you to:

    • Limit the number of user sessions to one per name/password combination.

    • Require users of new accounts to change their password on their first log in.

    • Specify the number of consecutive failed login attempts the NetProfiler allows before disabling logins for an account.

    • Specify how long logins are disabled on an account after the allowed number of failed login attempts has been exceeded.  If a user needs access before the lockout period has expired, the Administrator can edit the account profile to specify a new password for the account.

    • Exempt the admin account from being locked out by repeated unsuccessful login attempts. The "Prevent user 'admin' from being locked out via a DoS attack." feature applies to only the factory-created admin account. It does not affect any user-created admin accounts.

    • Specify if the splash screen is dismissed automatically after 5 seconds, is displayed until the user clicks Acknowledge, or is not displayed.

    • Specify the path to a splash screen graphic file, such as a company banner in a gif, jpg, png or tiff file. NetProfiler uploads the file and saves it until it is overwritten by a subsequent splash screen file upload. The file can be up to 1 Megabyte in size. Additional file formats are also supported: aiff, jb2, jp2, jpc, jpf, pad, swc, swf, wbmp and xbm.

    • Add text to be displayed to a user before they log in, such as appropriate use statements.

  • Inactivity Timeout – specifies how long an account can remain inactive before being automatically logged off.  

    • This global setting can be overridden by a shorter time set for an individual user account, but not by a longer time.

    • When the appliance is in the Strict Security mode, this setting is automatically limited to no more than 10 minutes.

    • The timeout can be overridden when the appliance is displaying the main pages used for monitoring the network.

Settings made on this page are linked to the settings made on the Global Account Settings page. To view that page, go to the Administration > Accounts Management > User Accounts page and click Settings.

Some of the selections on this page are cannot be modified when the appliance is in the Strict Security mode.   more

Appliance security