Instance administrators can set password policy. Doc.one allows to set minimum password length, complexity, session timeout, password age and history.
- Open the Settings section.
- In the Password Policy table set the following data:
Minimum Password Length — minimum number of symbols (6-16), which a password must contain.
Password Complexity — you can choose several restrictions:
- capital letters (A-Z)
- lowercase letters (a-z)
- special characters (e.g., !, $, #, %)
- numbers (0-9)
Session Timeout — session length in minutes. If a user is inactive for a certain period of time, the system will ask to login again.
Maximum Password Age — determines the period of time (in days) that a password can be used before the system asks a user to change it. One can set passwords to expire after a number of days between 1 and 999, or you can specify that passwords never expire (the blank line in a drop-down list).
Enforce Password History — determines the number of unique new passwords that must be associated with a local account before an old password can be reused. Password reuse is an important concern in any organization. one can choose any value from 1 to 24, or not set it at all.
Lockout Threshold — determines the number of failed sign-in attempts that will cause a local account to be locked.
Lockout Observation Window — determines the number of minutes that must elapse after a failed logon attempt before the failed logon attempt counter is reset to 0 bad logon attempts.
Note: you should leave at least one attempt before lockout threshold.
Note: A locked account cannot be used until an administrator unlocks it in the Users section.