Password Policy - Manager Settings

This page appears when you click on the Password Policy node in the MANAGER SETTINGS tree that appears when you traverse through the menu sequence: Admin -> Settings -> Manager.

By default, this page helps administrators define a policy for the password that is set for local (not domain) users to the eG management console.

In the Password Complexity section, enter the minimum length for user passwords in the Password length text box. When creating a new local user to the eG Enterprise system, the password you specify for the new user should be at least 8 characters long by default.

In high security environments where the eG manager is made accessible on the public Internet, it is mandatory for the users to provide a strong password so that their credentials are not vulnerable to harmful/malicious attacks. To strengthen the password, eG Enterprise provides users with the flexibility to specify a combination of characters in the password. For this, a separate Password should contain field has been introduced in the Password Complexity section. By default, the Lowercase alphabets checkbox is checked which indicates that the password should contain a minimum of 8 lowercase characters. Users can even provide a combination of characters to strengthen the password. For this, users are allowed to check the checkboxes against the Uppercase alphabets, Numbers and Special characters.

Note:

• When the Uppercase alphabets, Numbers and Special characters checkboxes are checked altogether or separately, it implies that atleast one such character should be specified in the password provided by the user.
• Double quotes (") are not allowed as a special character while specifying the password.

eG Enterprise also provides an optional additional layer of security while specifying the passwords. eG Enterprise is capable of storing the list of passwords specified earlier. Whenever a user specifies a new password, eG Enterprise matches the password with the list of preious passwords and alerts users to provide a new one if the password specified matches. For this, an Enforce Password History flag is provided in the Password History section. By default, this flag is set to No. If this flag is set to Yes, an additional Store upto text box appears. By default, 1 is displayed against the Store upto text box. This implies that the password that is specified/changed after setting the Enforce Password History flag to yes will be stored by the eG Enterprise. When the user again tries to change the password, eG Enterprise will match it with the password specified earlier and accept the password change only if it is different from the previous one.

Note:

Finally, click the Update button to save the changes.