password security

This financial news is brought to you via the Alfred Johnson blog. We hope you find it useful.

NOTE: The new features listed below will be available on the upcoming Financials Release (8.10).

 

Overview:  Prior to Release 8.10 Admin users had the ability to choose one of the following password security strength settings:

  • Medium: The password must be between 5 and 30 characters long and must contain at least one digit.
  • Strong: The password must be between 8 and 30 characters long with at least one number and one special character.
  • Extra Strong: The password must be between 8 and 30 characters long and must contain at least two upper case letters, three lower case letters, two numbers, and a special character.
  • Custom: Select the custom option if you want to enter your own regular expression to define password complexity.

However, the Admin could not change the default settings defining the number of times a user could try to login without being locked out of the program.  Nor, could the user define the length of time that the attempted logins occurred, and could not set the number of minutes the site would be locked for access if login attempts failed.  These default settings are:  10 tries over 5 minutes results in access being locked for 15 minutes after last failed attempt.  (NOTE:  Financials users that also have Arena can make these changes in Arena if they have Admin access rights.)

With Financials 8.10 and later, Admins have full access over all of these password options.

Using New Control Settings in Release 8.10:  Use the following steps to modify Password Login Security settings:

  1. From the Financials Opening screen, hover over Utilities and choose Organization.
  2. Click the Security Settings
  3. Choose Password Strength using the pull down arrow on the Password Strength
  4. Enter the number of times a user is permitted to login before being locked out of the program in the Threshold Count
  5. Enter the length of time before the program restarts counting number of attempts in the Threshold Minutes
  6. Enter the length of time in minutes that the user will be locked out of the program.
  7. Click Update to save your settings.

 

Source: alfredjohnson.net