Expiring Administrator Passwords

The HSM allows you to expire administrator passwords. If you do not activate the module, this feature is disabled after the 30-day trial expires.

If Expire Passwords is enabled and a user logs in with an administrator account with a temporary password, EFT Server prompts the user to supply a new password. Each day it also checks whether passwords are <n> days from expiration, and those passwords are flagged for reminders, if reminders are enabled. All reminder e-mail messages are sent immediately after flagging the accounts to be reminded.

icon_info.gif

EFT Server executes cleanup procedures every day at 00:00:00 UTC and at Server Startup. This daily server cleanup removes/disables inactive administrators and user accounts and sends password reset and expiration notifications for every Site.

 

icon_info.gif

Password initial reset, expiration, and account management features only apply to Sites using EFT Server Authentication and ODBC Authentication. These options are not available if other authentication types (AD, LDAP) are used. Password security features all apply on the Server, not to individual accounts.

EFT Server cannot ask FTP users to change their password prior to logging in and identifying themselves. EFT Server allows them to login (authenticate), but then prevents any further interaction with their session until they change their password.

To expire administrator account passwords

  1. In the administration interface, connect to EFT Server and click the Server tab.

  2. In the left pane, click the Server node you want to configure.

  3. In the right pane, click the Administration tab.

  4. Click an EFT Server-managed administrator account, then click Password Policy. The Password Security Settings dialog box appears.

    db_passwordsecuritysettings.gif

  5. To specify the number of days after which to disable or remove administrator accounts, select the Expire passwords check box, then type or use the arrows to specify the number of days. The default is 90 days.

    icon_info.gif

    If you make any changes to the password settings, when you click Apply to push the changes to EFT Server, the counter is reset. For example, if you set it for 90 days, then go back 89 days later and specify a different dictionary file, when you click OK then Apply, the administrator accounts will not expire for 90 days.

  6. Click OK to close the dialog box.

  7. Click Apply to save the changes on EFT Server.