Adding a wireless password policy

A wireless password policy defines the rules that govern users' passwords. When you create a user account and require a password, you can specify the password policy that applies to the user.

About this task

A password policy contains rules that regard user passwords.

By default, SafeLinx includes two wireless password policies in the Default Resources organizational unit. The unrestricted password policy contains no rules. The moderately secure password policy includes a set of password rule restrictions.

You can modify the default policy to provide settings for all or most users by editing the properties of the password policy. You can also create your own password policies to satisfy specific requirements. To define a wireless password policy, complete the following procedure:

Procedure

  1. From the Resources page in SafeLinx Administrator, right-click the organizational unit (OU) in which you want to create the password policy, and then click Add Resource > Wireless Password Policy.
  2. In the Add a New Password Policy wizard, type a policy name in the Password policy field and then click Next.
  3. Specify the rules for this policy by providing values in the following fields, and then click Next.
    Rule labelDescription
    Minimum alphabetic characters The minimum number of alphabetic characters (a-z, A-Z) that must be in a password.
    Minimum non-alphabetic characters The minimum number of non-alphabetic characters (for example, 0-9, #, &, $, %) that must be in a password.
    Minimum length The minimum number of characters that a password must contain.
    Minimum different characters The minimum number of characters that must be unique in a new password when compared with the most recently used password. This rule is disabled when directory service persistent data storage encrypts passwords by using a one-way encryption algorithm, such as secure hash algorithm (SHA).
    Number of passwords before reuse The number of most recently used passwords that a user cannot reuse.
    Maximum age (days) The maximum age (in days) for the user's password. When the password reaches this age, it must be changed before successful connection can occur.
    Minimum age (days) The minimum age (in days) for the user's password before it can be changed. Set the value to 0 to allow users to change their password at any time.
    Maximum repeated characters The maximum number of times a character can be repeated in a password.
    Number failed connection attempts before lock The number of times that a user can submit an incorrect password before the account is locked. If this number is exceeded, the account is locked and the user cannot log in.
    Time before reuse (days) The number of days before a previously used password can be reused.
    Password can contain user ID Specifies whether password can include the user ID string.
    Allow numeric first/last characters Specifies whether passwords can begin or end with a numeric character.
    Allow password modification Specifies whether users are allowed to change their passwords.
    Maximum consecutive characters The maximum number of times that a character in the password can be repeated consecutively.
    Minimum characters from 2 of 3 groups (alpha, numeric, other) The minimum number of characters that the password must contain from at least 2 of the following 3 groups:
    • Uppercase and lowercase letters
    • Numbers
    • Punctuation and special characters
  4. Select the primary and secondary OUs to which you want to add the policy and then click Finish.