Configuring a Security Policy for the Local Authentication User
Security policies for a local authentication user contain password and login policies. Proper settings of the security policies improve system security.
Procedure
- Choose Services > File Service > Authentication Users > Windows Users > Local Authentication Users.
- Select the vStore to which the desired local authentication user belongs from the vStore drop-down list in the upper left corner.
- Click Set Security Policy.
The Set Security Policy page is displayed on the right.
- Set security policies for the local authentication user.Table 3-7 describes the parameters.Table 3-7 Security policy parameters
Parameter
Description
Min. Length
Minimum length of the user name. Do not set a too simple user name.
[Value range]
The value is an integer ranging from 1 to 20.
Password Length
Length of the user password. Do not set a too simple or too long password.
[Value range]
The value is an integer ranging from 6 to 32.
Password Complexity
Requirements on password complexity. Possible values are as follows:
- A password must contain at least two of the following types: special characters, uppercase letters, lowercase letters, and digits. Special characters include !"#$%&'()*+,-./:;<=>?@[\]^`{_|}~ and spaces.
- A password must contain special characters and at least two of the following types: uppercase letters, lowercase letters, and digits. Special characters include !"#$%&'()*+,-./:;<=>?@[\]^`{_|}~ and spaces.
Max. Consecutive Duplicate Characters per Password
Maximum number of consecutive duplicate characters allowed in a password. 0 indicates unlimited.
[Value range]
The value is an integer ranging from 0 to 9.
Password Validity Period
Password validity period, in days. 0 indicates unlimited. After the validity period of a password expires, the system prompts you to change the password.
[Value range]
The value is an integer ranging from 0 to 999.
Password Change Interval
Minimum interval between password changes. 0 indicates unlimited.
[Value range]
The value is an integer ranging from 0 to 9999.
Incorrect Password Attempts
Maximum number of consecutive incorrect password attempts allowed during login. 0 indicates unlimited. If the number of consecutive incorrect password attempts in 5 minutes exceeds the value, the system automatically locks the user. The user will be unlocked after 5 minutes.
[Value range]
The value is an integer ranging from 0 to 9.
Idle Time Before Lockout
If the time during which a local authentication user does not log in exceeds the value, the user is locked. 0 indicates unlimited.
[Value range]
The value is an integer ranging from 0 to 999.
- Click OK.