Password Policy
Choose one of the following password policy templates, depending on your security requirements:
•  Strong - Sets the password policy to more stringent enforcement settings. Selecting this template automatically prepopulates the password policy with the stricter settings commonly required by higher security standards, such as those of the Department of Defense.
•  Basic - Reverts the password policy to its predefined settings so you can customize your policy.
For details about password policy, see the SteelHead Management Console User’s Guide for SteelHead CX.
Under Password Management, complete the configuration as described in this table.
| Control | Description |
|---|---|
| Login Attempts Before Lockout | Specify the maximum number of unsuccessful login attempts before temporarily blocking user access to the appliance. The user is prevented from further login attempts when the number is exceeded. The default for the strong security template is 3. The lockout expires after the amount of time specified in Timeout for User Login After Lockout elapses. |
| Timeout for User Login After Lockout | Specify the amount of time, in seconds, that must elapse before a user can attempt to log in after an account lockout due to unsuccessful login attempts. The default for the strong security template is 300. |
| Days Before Password Expires | Specify the number of days the current password remains in effect. The default for the strong security template is 60. To set the password expiration to 24 hours, specify 0. To set the password expiration to 48 hours, specify 1. Leave blank to turn off password expiration. |
| Days to Warn User of an Expiring Password | Specify the number of days the user is warned before the password expires. The default for the strong security template is 7. |
| Days to Keep Account Active After Password Expires | Specify the number of days the account remains active after the password expires. The default for the strong security template is 305. When the time elapses, RiOS locks the account permanently, preventing any further logins. |
| Minimum Interval for Password Reuse | Specify the number of password changes allowed before a password can be reused. The default for the strong security template is 5. |
 
Under Password Characteristics, complete the configuration as described in this table.
| Control | Description |
|---|---|
| Minimum Password Length | Specify the minimum password length. The default for the strong security template is 14 alphanumeric characters. |
| Minimum Uppercase Characters | Specify the minimum number of uppercase characters required in a password. The default for the strong security template is 1. |
| Minimum Lowercase Characters | Specify the minimum number of lowercase characters required in a password. The default for the strong security template is 1. |
| Minimum Numerical Characters | Specify the minimum number of numerical characters required in a password. The default for the strong security template is 1. |
| Minimum Special Characters | Specify the minimum number of special characters required in a password. The default for the strong security template is 1. |
| Minimum Character Differences Between Passwords | Specify the minimum number of characters that must be changed between the old and new password. The default for the strong security template is 4. |
| Prevent Dictionary Words | Select to prevent the use of any word that is found in a dictionary as a password. By default, this control is enabled. |
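
As an added example (not Riverbed or RiOS code), the following Python check tests a candidate password against the strong-template defaults for the Password Characteristics controls, for instance before a provisioning script submits it to the appliance. It assumes ASCII character classes, Levenshtein edit distance for the character-difference control, and a small constructed word list; this page does not document how RiOS evaluates any of these, and the names `STRONG`, `SAMPLE_WORDS`, `edit_distance` and `check_password` are hypothetical.

```python
import string

# Strong-template defaults taken from the Password Characteristics controls.
STRONG = {"min_length": 14, "min_upper": 1, "min_lower": 1,
          "min_digit": 1, "min_special": 1, "min_diff": 4}

# Constructed stand-in word list; the appliance's dictionary is not documented here.
SAMPLE_WORDS = {"password", "welcome", "steelhead", "administrator"}

# Character classes (assumed ASCII) mapped to the control each one enforces.
CLASSES = {
    "upper": (string.ascii_uppercase, "Minimum Uppercase Characters"),
    "lower": (string.ascii_lowercase, "Minimum Lowercase Characters"),
    "digit": (string.digits, "Minimum Numerical Characters"),
    "special": (string.punctuation, "Minimum Special Characters"),
}


def edit_distance(old, new):
    """Levenshtein distance: the assumed metric for 'character differences'."""
    prev = list(range(len(new) + 1))
    for i, a in enumerate(old, 1):
        cur = [i]
        for j, b in enumerate(new, 1):
            cur.append(min(prev[j] + 1,              # delete a character from old
                           cur[j - 1] + 1,           # insert a character from new
                           prev[j - 1] + (a != b)))  # substitute or keep
        prev = cur
    return prev[-1]


def check_password(new, old=None, policy=STRONG, words=SAMPLE_WORDS):
    """Return the names of violated controls; an empty list means it passes."""
    failures = []
    if len(new) < policy["min_length"]:
        failures.append("Minimum Password Length")
    for kind, (alphabet, control) in CLASSES.items():
        if sum(c in alphabet for c in new) < policy["min_" + kind]:
            failures.append(control)
    # Without the previous password there is nothing to compare against.
    if old is not None and edit_distance(old, new) < policy["min_diff"]:
        failures.append("Minimum Character Differences Between Passwords")
    # Exact match only, following the control's wording (a word used as the password).
    if new.lower() in words:
        failures.append("Prevent Dictionary Words")
    return failures
```

The third case in practice: rotating `Tr4verse-Canyon!9` to `Tr4verse-Canyon!10` meets every character-class minimum but changes only two characters, so it fails the difference control under this metric.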