Configuring Local Authentication Settings

This procedure describes how to configure the password and account security options for all locally-authenticated KeyControl-managed user accounts. Password requirements for externally-authenticated accounts is managed in your LDAP or RADIUS authentication server.

  1. Log into the KeyControl webGUI on any node in the cluster using an account with Security Admin privileges.

  2. In the top menu bar, click Settings.
  3. In the General Settings section, click Authentication.
  4. In the Type drop-down, select Local (Password).

  5. On the Basic tab, change the options as desired, then click Apply when finished.

    ClosedOptions

    Field

    Description

    Password Expiration

    The maximum number of days that a password can be used before it expires. KeyControl also uses this value to calculate the default password expiration date when a new local KeyControl user is created. (Default: 60.)

    Once a password expires, the user is prompted to change their account password the next them they log into the webGUI.

    Max Failed Logins

    The number of failed login attempts allowed before the user account is locked. (Default: 5.)

    If the maximum number of logins is exceeded, the next time the user attempts to log in they receive a message informing them that the account is disabled and telling them to talk to a Security Administrator.

    The Security Administrator must then re-enable the account as described in Re-enabling a KeyControl-Managed User Account.

    Note: This option applies to all KeyControl-managed accounts, even ones that are authenticated using LDAP or RADIUS.

    Minimum Previous Passwords

    The number of unique new passwords that must be associated with a user account before an old password can be used. (Default: 5.)

  6. On the Strength tab, click the desired value to change the setting, then click Save when finished. If you change one of these settings, KeyControl applies the new requirements to any new passwords created for a KeyControl account. It does not apply the requirements to any existing KeyControl account passwords.

    ClosedOptions

    Field

    Description

    Minimum Password Length

    The minimum number of characters that must be in a password. (Default: 8.)

    Minimum Uppercase Characters

    The minimum number of characters that must be upper case. (Default: 1.)

    Minimum Special Characters

    The minimum number of characters that must be something other than a-z, A-Z,or 0-9. (Default: 1.)

    Minimum Lowercase Characters

    The minimum number of characters that must be lowercase. (Default: 1.)

    Minimum Required Digits

    The minimum number of characters that must be numeric. (Default: 1.)
  7. When you are finished, click Close.

 

HyTrust DataControl v 4.3

Copyright © 2019 HyTrust, Inc. All Rights Reserved.

Follow us: