Password security

The password security increases protection against unauthorized access to ONTRAM.

Advanced password settings

Security may be increased by configuring the global password settings.

Setting Description
Advanced password settings Activate or deactivate ONTRAM password security.
Minimum password length Determines the minimum number of characters required for a password. If a user changes his password and enters fewer characters than required, it will not be saved and an error message is returned. A secure password contains at least 8 characters. If you enter 0 this function will be deactivated.
Password lifetime (in days) Specifies how long passwords are to remain valid. Activate the function by entering a value > 0. When the function is activated, passwords will become invalid after the number of days configured and new passwords have to be assigned. 0 also deactivates this function.
Maximum number of failed logins Determines the possible number of failed logins. If the maximum number of failed login attempts has be reached, the user will be blocked. How long the block should be effective can be defined in the setting  Duration of user block in minutes after failed logins . If you enter 0 this function will be deactivated.
Duration of user block in minutes after failed logins If a maximum number of failed login attempts was defined, the length of the block in minutes can be defined with this setting. If you enter 0 this function will be deactivated.
Number of passwords to Remember The number of passwords a user has used. The passwords stored in ONTRAM cannot be reused. If you enter 0 the function will be deactivated.
Complexity check

Activate or deactivate the mandatory use of certain characters when creating a password.

Upper-case letters Newly created passwords have to contain capitals.
Lower-case letters New passwords must contain lower case letters.
Numbers New passwords must contain numbers.
Special characters New passwords must contain special characters.
Triviality check The Triviality Check searches the password for words or strings of characters that are included in the user data. When the Triviality Check is activated, strings from the user data are not allowed in passwords.

Edit advanced password settings.

  1. Click Administration > Configuration > System Configuration .
  2. Click Global User Settings . The advanced password settings are displayed.
  3. Configure the advanced password settings.
  4. Click in the toolbar.

Result: Advanced password security has been adjusted.