Release Notes › New Features › 12.6 › Native CA IdentityMinder Replacement for SiteMinder Advanced Password Services
Native CA IdentityMinder Replacement for SiteMinder Advanced Password Services
In addition to basic password policies, CA IdentityMinder provides the following additional password settings now decoupled from SiteMinder:
- Password expiration:
- Track failed or successful logins - When enabled, tracking information for successful or failed login attempts is written to the password data attribute of the relevant user in the user store.
- Authenticate on login tracking failure - If disabled, users are not able to log in when CA IdentityMinder cannot write tracking information to the user store.
- Password expiration if not changed - Configures expiration behavior. If a password has not changed after a specified number of days, users are disabled or forced to change their password. Also allows expiration warnings to be sent for a specified number of days.
- Password inactivity - Configures inactive user behavior. If the user has not made a successful login attempt after a specified number of days the user is disabled or forced to change their password.
- Incorrect password - Configures the number of failed logins that are allowed before the user is disabled.
- Multiple regular expressions - Specifies regular expressions that passwords must or must not match. CA IdentityMinder password policies support a single expression of each type.
- Password restrictions:
- Minimum days before reuse
- Minimum number of passwords before reuse
- Percent different from last password
- Ignore sequence when checking for differences - Ignore position of characters when calculating the percentage difference.
Note: This release does not support historical password data from a CA IdentityMinder deployment that uses CA SiteMinder password services (password history) to a deployment that includes only CA IdentityMinder r12.6 password services.
Copyright © 2013 CA.
All rights reserved.
|
|