Password Policy (rule)

Before editing a system rule, ensure that no other users are using the system. After editing a system rule, close the PDXpert client and start it again.

Administrators open this using the Tools ➔ System Rules… menu.

Purpose§

Specifies the password characteristics for all user accounts.

This password policy is only for user accounts authenticated by PDXpert. If user accounts are authenticated by your organization's Active Directory (AD) or Lightweight Directory Access Protocol (LDAP) service, then the domain password policy applies.

Passwords are tested against these rules only when the user creates or changes their password. Users are not required to change their password if it met the previous rules. Use the Password period to force a password expiration. After the period has expired, users will have new passwords, and the Password period can be adjusted or returned to 0 (never expires).

Description§

Administrators specify the numeric, symbolic, and upper-/lower-case alphabetic characters, as well as the minimum number of characters, that are required of all users' passwords.

Data type§

True/false; integer

Recommended or default value§

Assess your environment (number of users, sensitivity of product information, computer locations, regulatory requirements, etc.) to determine your password policy. See comments for each control.

Details§

Separate password required§
Marking this value specifies that the user must make a unique password for change reviews. Clearing this checkbox lets the user enter the account log-in password for saving a change reviewer response.
This value is typically not marked unless a separate signature validation is essential. In most cases, it's unnecessary to require a user to manage two separate passwords.
Must have at least one uppercase letter: A to Z§
Must have at least one lowercase letter: a to z§
Must have at least one number: 0 to 9§
Must have at least one symbol: !@#$%^&*(~)+[-]<|>/?\{_}§
When one of these checkboxes is marked, the user's password must use at least one character from the specified character set.
Mark at least two, and preferably 3, of these checkboxes to ensure a minimal level of security.
Minimum password length§
The maximum length is 28 characters. If you set this value to zero, then the user can have a blank password.
The password length, coupled with a rich set of Must have at least... values (above), determines the overall password strength. A length of at least 8 characters ensures a minimal level of security.
Password period§
The number of days that a password remains valid. The maximum period is 1000 days. A user's password never expires if you enter 0.

2151

Help Guide Contents [as PDF]