No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionStorage OBS 7.0 Administrator Guide 06

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring Security Policies

Configuring Security Policies

Security policies include user name, password, and login policies. The use of security policies helps improve system security.

Context

Only the super administrator and security administrator have the permission to configure security policies.

Procedure

  1. Log in to DeviceManager.
  2. Choose Settings > User and Security > Security Policies.
  3. Configure Username Policy, Password Policy, and Login Policy.

    Table 4-1, Table 4-2, and Table 4-3 describe related policy parameters.

    Table 4-1 User name policy parameters

    Parameter

    Description

    Min. Length

    Indicates the minimum length of a user name, which prevents an excessively short user name from being set. The value must be an integer ranging from 5 to 32.

    Table 4-2 Password policy parameters

    Parameter

    Description

    Min. Length

    Indicates the minimum length of a user password, which prevents an excessively short password from being set. The value must be an integer ranging from 8 to 32.

    Max. Length

    Indicates the maximum length of a user password, which prevents an excessively long password from being set. The value must be an integer ranging from 8 to 32.

    Complexity

    Indicates the password complexity, which prevents an excessively simple password from being set. Complexity options are as follows:

    • A password must contain special characters and at least two of the following character types: uppercase characters, lowercase characters, and digits.
    • A password must contain special characters, lowercase characters, uppercase characters, and digits.

    Number of Duplicate Characters

    Indicates the maximum number of consecutive same characters in a password. Possible values are No Restriction and an integer ranging from 1 to 9.

    Number of Retained

    Historical Passwords

    Indicates the number of historical passwords retained for a user account. A new password must be different from any of the retained historical passwords. The value must be an integer ranging from 0 to 30. Value 0 indicates no restriction.

    Password Validity

    Indicates whether to set a password validity period. You are advised to enable this function.

    Password Validity Period (Days)

    After Password Validity Period is enabled, you need to specify the number of days for which a password remains valid. When the password validity period expires, the system asks the user to change the password. The value must be an integer ranging from 1 to 999.

    Password Expiration Warning Period (Days)

    After Password Validity Period is enabled, you need to specify the number of days prior to password expiration that the user receives a warning message. The value must be an integer ranging from 1 to 99.

    Password Change Interval

    Indicates whether to enable password change. You are advised to enable this function.

    Password Change Interval (Minutes)

    Indicates the password change interval. The value must be an integer ranging from 1 to 9999.

    The new password cannot be the default password

    Indicates whether to prevent the new password of the super administrator from being set to the default password.

    Table 4-3 Login policy parameters

    Parameter

    Description

    Session Timeout Duration (Minutes)

    If a logged-in user who has not performed any operations during the specified period attempts to operate again, the system displays a timeout message. After the user clicks OK, the system returns to the login page. The value must be an integer ranging from 1 to 100.

    Account Lock

    If Account Lock is enabled, a user account will be locked as soon as the number of consecutive invalid password attempts made by the user account exceeds Max. Number of Incorrect Password Inputs.

    NOTE:

    Security risks arise if you disable Account Lock. Therefore, you are advised to enable it.

    Max. Number of Incorrect Password Inputs

    Indicates the number of consecutive invalid password attempts allowed. A user account will be automatically locked as soon as the number of its consecutive invalid password attempts reaches the value. The value must be an integer ranging from 1 to 9.

    NOTE:
    • This parameter is available only when Account Lock is enabled.
    • After a user account is locked, the super administrator can manually unlock it. If Lock Mode is set to Temporary, the system automatically unlocks a user account as soon as the specified Automatic Unlock in (Minutes) expires.

    Lock Mode

    Indicates an automatic locking mode.

    • Permanent: The administrator, device administrator, resource administrator, and read-only user accounts will be locked permanently. The super administrator and key administrator accounts will be automatically unlocked 15 minutes after being locked.
    • Temporary: You can set a length of time for which the super administrator, key administrator, administrator, device administrator, resource administrator, and read-only user accounts will be automatically locked.

    Automatic Unlock in (Minutes)

    Indicates the duration of automatically locking a user account. After the duration expires, the locked user account is automatically unlocked. The value must be an integer ranging from 3 to 2000.

    • This parameter is available only when Account Lock is selected and Lock Mode is set to Temporary.
    • This parameter applies only to automatic locking. This parameter does not take effect if a user account is manually locked. A manually locked user account can be manually unlocked only.
    • A user account will be locked as soon as the number of consecutive invalid password attempts exceeds the specified value.

    Lock Account When Idle

    Indicates whether to lock a user account that remains idle (namely, never logs in) for the specified Lock Account When Idle.

    Idle Period (Days)

    Indicates the number of days for which a user account remains idle. The value must be an integer ranging from 1 to 999.

    Login Security Info

    After a user account logs in, information about its last login (including the login time and IP address) is displayed to enhance security.

    Change the Password upon First Login

    A user is asked to change the password at the first login. After changing the password, a user needs to log in again.

    User-Defined Info

    After a user account logs in successfully, a warning containing the preset prompt information is displayed.

    Info

    This message is used to notify a user of a successful login.

  4. Click Save and confirm your operation as prompted.
Translation
Download
Updated: 2019-07-17

Document ID: EDOC1100051329

Views: 9221

Downloads: 22

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next