To set password policies such as automatic expiry, length, character requirements etc, select Administration > Configuration.
Go to the Password policy section of the screen.
| Info | ||||
|---|---|---|---|---|
| ||||
| Tip |
|---|
Password authentication in PhocasPhocas authenticationThis is the default, with users and passwords stored in the Phocas system. If your site uses Phocas authentication you can set a site-wide password policy. LDAP/Active DirectoryLDAP (Lightweight Directory Access Protocol) authentication can be configured during installation. User passwords take on AD protocols and administrators will not see any Password policy options. |
Password policy options
- Automatic
- expiry (the number of days for which a user’s password will remain valid before it expires
- , forcing the use to reset their password when they next attempt to log on). An administrator can also reset passwords.
- Minimum
- length
- of a password.
- Failed
- login attempts
- . If this is left blank or set to 0, there will be no limit of the number of times a user can attempt to login. See how to unlock a user's account.
- Note. LDAP accounts are not subject to lockout.
- Minimum
- number of upper case
- letters
- Minimum
- number of numeric characters
- .
- Minimum
- number of
Prevent Users From Changing Password
- special characters.
- Whether users are prevented from changing their
- own password.
More about user passwords
Other tools and settings are available to help administrators manage user passwords. These are covered on the Manage user passwords page.