Changes

{{PasswordEncryption}}

[[image:password001.png|border]]

'''Persistent Login''' provides for the use use of a persistent secure cookie on the users computer to eliminate the need to use a username and password to log into the system. '''This feature will be deprecated in the July 2016 upgrade.'''

'''Disable Inactive Accounts''' provides the ability to automatically disable a user account after a predetermined period of time. A password reset is required by the user to regain access to the system. The main options are:

* '''Disable user accounts after ''[X]'' days''' - The number of days a user account is inactive before it is disabled. Leave this field blank to disable this feature.

* '''Disabled Inactive Account Message''' - The text to be displayed to a user trying to access an expired account.

This section is used to set password attributes

In the example above City, Country and Phone fields have been selected from the user's organization record and first name, last name, birthplace and nickname fields have been selected from the user profile.

'''Complexity''' – the level of complexity required in the [[Password|password]], the options are:

* '''Custom Policy''' - a password policy can be custom defined.

* The '''Compose Custom Password Policy''' table provides the ability to define the custom password policy that matches your organization's security standards and provides control of each character type desired (upper case, lower case, numeric and/or symbols). You can also specify the minimum number of characters required for that character type.

white-space: -o-pre-wrap;

word-wrap: break-word;">&lt;!--@sslogic('@langid@'='2')-->&lt;br>@system.Password Policy - French@&lt;!--@else-->&lt;br>@system.Password Policy@&lt;!--@end--></pre>

===Hierarchical Password Policy===

When viewing a company in your hierarchy, select '''Settings > Password Policy''' to define. <br/><br/>

A different password policy can be defined for each company within the system. <br/><br/>

If there are password policies defined for a company then it will automatically apply to all sub-companies in the [[Creating_an_Organization_Chart_and_Company_Hierarchy|hierarchy]], unless those sub-companies have defined their own password policy. <br/><br/>

If there are no password policies defined for a company, then the system will look at the companies above it in the hierarchy, and if one of these parent companies have a password policy set then it will use these settings. <br/><br/>

If there are no password policies defined for a company, or any of the companies above it in the hierarchy, then the password policy set in [[Global_Settings|Global Settings]] will apply.<br/><br/>

''NOTE:'' There are no settings stored in the database for a company until someone actually opens the Password Policy page for that company and clicks Save.

[[image:password003.png|border]]

* '''Password History Check''' - You can set the number of previous passwords (to a maximum of 32) that the system will remember for each user. When changing their password, users will not be permitted to re-use a previous password until the specified number of unique passwords have been used.

Password Activation Settings can be set to add an extra layer of security to the system. These settings pertain to users who use the "Forgot Password" link on the login page.

:'''Note:''' An example of a good challenge question would be something that is simple, memorable, can't be guessed easily, and won't change over time.

===Rules for Password Activation Settings===

After successful completion of Password Activation, the user will be logged in and their new password will be active.

==Intruder Lockout Settings==

==View Locked Users==

[[Image:ViewLockedUsers.png|1000px]]

* If a user is locked, you can click on the '''Set Password''' button to reactivate the account and send the [[User|user]] a new [[Password|password]].

==View Expired Users==

[[Image:ViewExpiredUsers.png|1000px]]