(Superusers only; network view only) Use the Edit Security Policy dialog box to modify ONS node
security policies including idle user timeout, user lockouts, password changes, and password aging.
|
|
|
These fields modify the amount of time a CTC user can be idle before CTC logs them out. To modify the idle time, click the hour (H) and minute (M) arrows for each CTC security level: RETRIEVE, MAINTENANCE, PROVISIONING, and SUPERUSER. You can choose values between 0 and 16 hours, and 0 and 59 minutes.
|
|
These fields provision the user lockout policies:
• |
Failed Logins Allowed Before Lockout: Sets the number of time a user can fail to log in before CTC locks them out. The minimum is 0, and the maximum is 10. |
• |
Manual Unlock by Superuser: If checked, a Superuser must manually unlock the locked out user before they can log back into CTC. |
• |
Automatic Unlockout After: If Manual Unlock by Superuser is not checked, set the automatic unlock period by changing the minutes (M) and seconds (S) fields. The maximum automatic unlock period is 10 minutes, 0 seconds. |
|
|
These fields provision the user password change policies:
• |
Prevent Reusing Last Password: Sets the number of recent passwords a user cannot reuse. The minimum is 1, and the maximum is 10. |
• |
New Password Must Differ from Old Password: Sets the number of characters that must be different from the old password. The minimum is 1, and the maximum is 5. |
• |
Cannot Change New Password For: If checked, the user cannot change a new password for the number of days set in the “days” box. The minimum is 20, and the maximum is 95 days. |
• |
Require Password Change on First Login to New Account: If checked, requires the user to change their password the first time they log into an ONS node. |
|
|
These fields provision the user password aging policies:
• |
Enforce Password Aging: If checked, requires the user to change their password within the number days set in Aging Period. |
• |
Aging Period: Sets the number of days that must pass before a user is required to change their password. A different aging period can be set for each security level: RETRIEVE, MAINTENANCE, PROVISIONING, and SUPERVISER. The minimum aging period is 20 days, and the maximum is 90. |
• |
Warning Period: Set the number of days the user is warned to change their password. A different aging period can be set for each security level. The minimum is 2 days, and the maximum, 20 days. |
|
|
• |
Identical Consecutive Characters Allowed |
• |
Minimum Length: The minimum length can be set to eight, ten, or twelve characters |
• |
Maximum Length: The maximum length is 80 characters |
• |
Minimum Required Charaters: The password must be a combination of alphanumeric (a-z, A-Z, 0-9) and special (+, #,%) characters, where at least two characters are nonalphabetic and at least one character is a special character. Superusers can specify when users must change their passwords and when they can reuse them. |
|
|
Sets the CTC session policies:
• |
Single Session Per User: If checked, limits users to a single CTC session.(Applicable to TL1/Telnet also) |
• |
Prevent Super User Disable: If checked, prevents the super user disable function. |
• |
Disable Inactive User: If checked, disables users if they have not logged into the ONS node for the time period set in the Inactive Duration field. |
• |
Inactive Duration: Sets the number of inactive days that must pass before the user is disabled. The minimum is 1 day, and the maximum 99 days. |
|
|
Saves any changes and closes the Security Policy dialog box.
|
|
Cancels any changes and closes the Security Policy dialog box.
|
|
Displays CTC context-sensitive help.
|