Standard Authentication¶
The system supports a standard method of authentication, where users must log in with their username and password each time they access the system.
Note
For more advanced security measures, such as the use of two-factor authentication, please consider using the OpenID Connect option for authentication.
Password Policy Configuration¶
There are a number of Parameters that can be used to configure the password policy for PSO Users:
- MinPasswordLength: this is 8 by default.
- MinPasswordCharacterCategories: this controls the number of categories of character that a password can contain. These are: uppercase, lowercase, numeric, symbolic and titlecase/other unicode character.
- PasswordCannotContainId: when set to true, if the user id is "user" then the password cannot contain "user". This is false by default.
- PasswordCannotContainNamePart: when set to true, if the user name is "user" then the password cannot contain "user". This is false by default.
- PasswordValidityPeriod: controls how long a password is valid for. This is zero by default which is interpreted as meaning the password will not expire.
- PasswordExpiryWarningPeriod: controls how long before password expiry that the user will start to be warned that their password must be changed. This is zero by default which is interpreted as meaning that there is no warning period.
- MaxRetainedPasswords: maximum number of previous passwords to be retained and checked against to ensure a new password is unique. The default is zero meaning no previous passwords are retained.
- OldPasswordRetention: time period over which to retain passwords. This is zero by default meaning that passwords are not retained for any period of time. Note that for password retention checks to work you must configure both MaxRetainedPasswords and OldPasswordRetention to be greater than zero.
Note
Password Policy parameters are configured at the organisational level and cannot be overridden for individual users. Any changes to these parameters should be made against the default organisation profile.