Expiring Administrator Passwords

You are here: Home > Server Configuration > Configuring Server Administrators > Expiring Administrator Passwords

For more information, scroll through the topics in the Index or review the topics in the table of contents to the left. If the Index and Contents are hidden, click <--Show Table of Contents.

Expiring Administrator Passwords

The HS module allows you to expire administrator passwords. If you do not activate the module, this feature is disabled after the 30-day trial expires.

If Expire Passwords is enabled and a user logs in with an administrator account with a temporary password, EFT Server prompts the user to supply a new password. Each day it also checks whether passwords are <n> days from expiration, and those passwords are flagged for reminders, if reminders are enabled. All reminder e-mail messages are sent immediately after flagging the accounts to be reminded.

EFT Server executes cleanup procedures every day at 00:00:00 UTC and at Server Startup. This daily server cleanup removes/disables inactive administrators and user accounts and sends password reset and expiration notifications for every Site.

Password initial reset, expiration, and account management features only apply to Sites using EFT Server Authentication and ODBC Authentication. These options are not available if other authentication types (AD, LDAP) are used. Password security features all apply at EFT Server level, not to individual accounts.

EFT Server cannot ask FTP users to change their password prior to logging in and identifying themselves. EFT Server allows them to login (authenticate), but then prevents any further interaction with their session until they change their password.

To expire administrator account passwords

In the EFT Server administration interface, connect to EFT Server and click the Server tab.
In the left pane, click the Server node you want to configure.
In the right pane, click the Administration tab.
Click an EFT Server-managed administrator account, then click Password Policy. The Password Security Settings dialog box appears.

To specify the number of days after which to disable or remove administrator accounts, select the Expire passwords check box, then type or use the arrows to specify the number of days. The default is 90 days.

If you make any changes to the password settings, when you click Apply to push the changes to EFT Server, the counter is reset. For example, if you set it for 90 days, then go back 89 days later and specify a different dictionary file, when you click OK then Apply, the administrator accounts will not expire for 90 days.

Click OK to close the dialog box.
Click Apply to save the changes on EFT Server.

Did this topic solve your problem/answer your question?

- For the most up-to-date information regarding EFT Server and its modules;

- To view version history, updates, and activation instructions;

- To download a PDF of this user guide;

- And to search the Knowledgebase and User Forum,

Visit the GlobalSCAPE Support Center, http://www.globalscape.com/support .

Refer to the About dialog box for copyright information.

Last modified: 14-Sep-10 at 17:45:12

If this help topic did not help you, search the Knowledgebase or pose your question in the GlobalSCAPE User Forum.

For the most up-to-date information, to view version history, updates, and activation instructions; or to download a PDF of this user guide, visit the Support Center at http://www.globalscape.com/support.

Leave compliments or complaints regarding the help in the User Forum. At a minimum, please provide the topic title and why you needed help.

For information about GlobalSCAPE, visit www.globalscape.com, subscribe to our Secure Info Exchange blog, or follow us on Twitter.

Last modified: 18-Aug-11 at 13:43:30