Configuring Local Authentication Settings
This procedure describes how to configure the password and account security options for all locally-authenticated Cryptographic Security Platform Vault-managed user accounts. Password requirements for externally-authenticated accounts is managed in your LDAP authentication server.
- Log into the Cryptographic Security Platform Vault Management webGUI using an account with Security Admin privileges.
- In the top right, click the Switch to Appliance Management link.
- In the top menu bar, click Settings.
- In the General Settings section, click Authentication.
- In the Type drop-down list, select Local (Password).
- 
                                                    On the Basic tab, change the options as desired, then click Apply when finished.  Options OptionsField Description Password Expiration The maximum number of days that a password can be used before it expires. Cryptographic Security Platform Vault also uses this value to calculate the default password expiration date when a new local Cryptographic Security Platform Vault user is created. (Default: 60.) Once a password expires, the user is prompted to change their account password the next them they log into the webGUI. Max Failed Logins The number of failed login attempts allowed before the user account is locked. (Default: 5.) If the maximum number of logins is exceeded, the next time the user attempts to log in they receive a message informing them that the account is disabled and telling them to talk to a Security Administrator. The Security Administrator must then re-enable the account as described in Re-enabling a Cryptographic Security Platform Vault-Managed User Account. Note: This option applies to all Cryptographic Security Platform Vault-managed accounts, even ones that are authenticated using LDAP. Minimum Previous Passwords The number of unique new passwords that must be associated with a user account before an old password can be used. (Default: 5.) 
- 
                                                    On the Strength tab, click the desired value to change the setting, then click Save when finished. If you change one of these settings, Cryptographic Security Platform Vault applies the new requirements to any new passwords created for a Cryptographic Security Platform Vault account. It does not apply the requirements to any existing Cryptographic Security Platform Vault account passwords.  Options OptionsField Description Minimum Password Length The minimum number of characters that must be in a password. (Default: 8.) Minimum Uppercase Characters The minimum number of characters that must be upper case. (Default: 1.) Minimum Special Characters The minimum number of characters that must be something other than a-z, A-Z,or 0-9. (Default: 1.) Minimum Lowercase Characters The minimum number of characters that must be lowercase. (Default: 1.) Minimum Required Digits The minimum number of characters that must be numeric. (Default: 1.) 
- When you are finished, click Close.
