...
- Minimum password length must be 8(eight) characters.
- Cannot be the same (meaning exactly the same) or similar (defined as 80%) to your user name
- Must contain all of the following four:
- Upper case letters e.g. A,B,C
- Lower case letters e.g. a,b,c
- Numbers e.g. 1,2,3
- Symbols e.g. @,#,+ !)
- Should be changed at least every three months
- Ensure that passwords are not displayed on screen
- Issue temporary passwords that must be changed on first use
- Users must set their own password
- Reuse of passwords must be restricted. Reuse of the last eight passwords used is not allowed
- Lockout account after 5 times within 30 minutes
- Lockout duration 30 minutes
User Status Flag
S.No | Status | Description | Remark |
---|---|---|---|
1 | Reset | User status will be set to reset whenever new user is created or password is reset. | While login this flag should be checked and if it is set to Reset then user should be forced to change the password. There will be no password expiry check for the user if it is set to Reset. |
2 | Active | User status will be set to active when user will change the password for the first time. | When the user change the password, status flag changes to Active and password expiry schedulers starts. |
3 | InActive | User status will be set to InActive whenever user password expires. | User will get an email 10 days before password expiry to change the password. |
4 | SystemRestart | Whenever the whole system is down and restarted, user flag is set to SystemRestart. | This will restart all the required schedulers for all the users. |