Previous Topic: Specifying Basic Authentication Policy SettingsNext Topic: Specifying Master Administrator Authentication Policy Settings

CA RiskMinder Administration GuideGetting StartedConfiguring Administration Console SettingsSpecifying Basic Authentication Policy SettingsConfiguring the Basic Authentication Password Policy

Configuring the Basic Authentication Password Policy

As the name implies, Basic Authentication method enables administrators to log in to the Console by using a user ID and the corresponding password.

You can use the Basic Authentication Policy page to strengthen the password policy by enforcing restrictions, such as password length, allowed number of special characters, and the number of failed login attempts allowed before locking the account.

To configure the Basic Authentication policy:

  1. Ensure that you are logged in as the MA.
  2. Activate the Services and Server Configurations tab.
  3. Click the Administration Console option on the submenu of the tab.
  4. Under the Authentication section on the side-bar menu, click the Basic Authentication Policy link to display the corresponding page.
  5. Specify the parameters explained in following table in the Password Policy Configuration section. All the parameters on this page are mandatory.

Parameter

Default Value

Description

Minimum Password Length

6

The minimum number of characters that the password must contain. You can set a value between 6 and 32 characters.

Maximum Password Length

25

The maximum number of characters that the password can contain. You can set a value between 6 and 32 characters.

Maximum Failed Attempts

5

The maximum consecutive number of times an administrator can specify the password incorrectly, after which the credential will be locked. You can set a value between 3 and 10.

Minimum Numeric Characters

1

The least number of numeric characters (0 through 9) that the password must contain. You can set a value between 0 and 32 characters.

Maximum Password History Count

3

The maximum number of previously used passwords that cannot be reused.

Validity Period

180 days

The maximum number of days for which a password is valid.

Allow Multi-Byte Characters

The following options are disabled if you select this check box.

Select this option if you want to allow multi-byte characters in the password.

Minimum Alphabetic Characters

4

The least number of alphabetic characters (a-z and A-Z) that the password must contain. You can set a value between 0 and 32 characters.

Minimum Special Characters

1

The least number of Allowed Special Characters that the password must contain. You can set a value between 0 and 32 characters.

Allowed Special Characters

(optional)

!@#$%^&*()_+

The list of special characters that the password can contain.
  1. Click Save to save the changes you made on this page.
  2. Refresh all deployed RiskMinder Server instances.

    See "Refreshing the Cache" for instructions on how to do this.