This section helps an administrator to configure the password policy and rules for an organization. To set up the password policy follow these steps:
- Login with administrator credentials
- Click on the Settings icon at top right corner on the Home page.
- From the left menu bar, select Advanced.
- Click Password Policy.
There are three sections to Password Policy. These are:
- Complexity
A complex password uses different types of characters in unique ways to increase security and is difficult to detect by both humans and computer programs, effectively protecting data from unauthorized access. Passwords are typically case-sensitive, so a strong password contains letters in both uppercase and lowercase and can have a combination of different special characters.
MDO uses the below characteristics to make a password more secure:
| Options | Description |
| Uppercase (A-Z) | Selecting this checkbox forces users to add at least one character in upper case in the password. |
| Lowercase (A-Z) | Selecting this checkbox forces users to add at least one character in lower case in the password. |
| Digit (0-9) | Selecting this checkbox forces users to add at least one numeric character in the password. |
| Special characters | Selecting this checkbox forces users to add at least one special character in the password. |
| Initial Login reset password? | Selecting this checkbox will force a user to change the password on the initial /first login.
This option will come into use when an administrator sets or resets a password. |
2. Password Restrictions
There are two types of restrictions which can be applied to a password policy. The table below provides some brief information on the types of restrictions:
| Restriction Type | Description |
| System Defined Value | MDO comes with predefined restriction types which can be used in a password policy such as:
When setting up a password if these restriction rules are applied then a user cannot use their first name, last name or user id in their passwords. To add system defined value restrictions follow below steps:
|
| User Defined Value | There are some specific values or characters which an administrator may wish to restrict in a password. To add user defined restrictions, follow these steps:
|
3. Other Details
Other than complexity and restriction rules there are other criteria which can be applied to the password policy to make passwords more secure. These options include:
| Options | Description |
| Password Length | Password length describes the minimum length of password. Generally, a minimum of eight characters for a password length is recommended but may be increased as per the company password policy. |
| Password History count | Password history count ensures that the same password is not used again. For example, if the history count is set as “3” then a user cannot use the last three passwords. |
| Maximum Password Age (Days) | The Maximum Password Age policy setting determines the period (in days) that a password can be used before the system requires the user to change it. You can set passwords to expire after several days between 1 and 999. |
| Account locked after failed login attempts | The system provides an option to specify the number of failed login attempts before a user account is locked. For example, if the failed login attempt is set as “4” then after four incorrect login attempts the user account gets locked. Only an administrator can unlock the user account. |