Policy Settings
The following table lists the Policy settings for the decoder:
| Policy Setting | Default | Description/Values |
|---|---|---|
| Minimum Length | 6 characters | Type in the minimum password length (from 6-40 characters). Note Passwords can be up to 80 characters. |
| Quality | Basic | Select the required password quality; works in conjunction with Password requires at least below:
|
| Strong Requirements | 0 | (Password quality must be Strong) Specify the minimum required number of:
The range is from 0 to 40 for all 3. |
Remember Last (Passwords) | 5 | (Password quality must be Strong) This option determines the number of unique new passwords that must be associated with a user account before an old password can be reused. The range is from 5 to 500. |
| Minimum Lifetime (Days) | 0 | (Password quality must be Strong) This option restricts the user's ability to change their password. Enforcing a minimum password lifetime helps prevent repeated password changes to defeat the password reuse or history enforcement requirement. The range is from 0 (no restriction) to 7 days. |
| Password Expiration | Disabled | Check this checkbox to enable Password expiration. |
| Policy Setting | Default | Description/Values |
|---|---|---|
| Auto Logout | Disabled | Check this checkbox to automatically log users out after a specified period of idle time. When enabled, if a user has been inactive for longer than the specified period of time, he/she will be logged out and redirected to the Sign-in page. Systems that are left logged on may represent a security risk for an organization. Note Enabling the Auto-Logout Session policy also limits the number of concurrent sign-ins per account to 4. |
| Logout when idle for | N/A if Disabled ---------- 15 minutes if Enabled | (Auto Logout must be enabled) Specifies the maximum length of time the system may be idle before the user will be logged out. Range: 1 - 1440 minutes. |
| Limit Login Attempts | Disabled | Check this checkbox to lock a user account after the specified number of consecutive failed sign-in attempts during the specified time period. This may be used to reduce the risk of unauthorized system access via user password guessing. |
| Max Failed Attempts | N/A if Disabled ---------- 3 | (Limit Login Attempts must be enabled) Specifies the maximum number of consecutive failed sign-in attempts allowed during the specified time interval before the account will be locked. Range: 3..10 |
| Failed Interval (Minutes) | N/A if Disabled ---------- 15 minutes if Enabled | (Limit Login Attempts must be enabled) Specifies the time period during which the consecutive failed sign-in attempts will be counted to lock out the account. Range: 5..60 minutes Note If a user fails the “Max Failed Attempts” within the “Failed interval”, the account will be locked for 10 minutes. |
| Policy Setting | Default | Description/Values |
|---|---|---|
| Disable Inactive Accounts | Disabled | Check this checkbox to enable automatic disabling of user accounts after the specified number of days of account inactivity. |
| Inactivity Timeout (Days) | N/A if Disabled ---------- 90 Days if Enabled | (Disable Inactive Accounts must be enabled) Specifies the number of days (since the last login) after which the user account will be disabled. Disabled accounts can be re-enabled either via the “account Tip The system adds one (1) day (or 24hour grace period) to the setting configured by the user. |
| Policy Setting | Default | Description/Values |
|---|---|---|
| Compliance | None | Specifies the required cryptographic compliance, either:
Note Either selection will reinforce security for all management functions of the decoder in terms of cryptography. This setting will take effect upon the next reboot. |
| Min TLS Version | TLSv1.0 | Specifies the minimum TLS (Transport Layer Security) version accepted from the HTTPS client.
|