Enforcing Complex Passwords for Administrator Accounts

When you create or edit administrator accounts, you can specify that all administrator accounts be required to adhere to certain password complexity rules.

To set complexity settings for administrator accounts

  1. Refer to Adding EFT Server Administrators or Changing an Administrator Password or Access Rights for the procedures for creating or changing an administrator account.

  2. In the Administrator, connect to EFT Server and click the Server tab.

  3. In the left pane, click the Server node to which you want to add an administrator account.

  4. In the right pane, click the Administration tab.

  5. At the bottom of the tab, click Password Policy. The Password Security Settings dialog box appears.

  6. Select the Enforce strong (complex) passwords check box to ensure that when any administrator creates or changes a password for any administrator account, password complexity is enforced.

  7. To specify password complexity settings, click Advanced. The Password Complexity Settings dialog box appears.

  8. In the Minimum password length box, specify the minimum number of characters the password must contain. The default is 8 characters.

  9. In the Must contain at least box, specify the number of characters from the following categories the password must contain: Uppercase, Lowercase, Numeric (0-9), Non-alphanumeric (e.g., !, #, $, %). Select the check boxes for the applicable characters. (Certain non-alphanumeric characters might not be available when using a mix of English and non-English language settings and keyboards.)

  10. In the Must not contain boxes, select the check boxes and specify the number of characters from the user name and/or number of repeating characters the password must not contain.

  11. In the Dictionary area, select the Must not solely consist of a word in the following dictionary, then specify the dictionary file. A default dictionary file is provided in EFT Server installation directory.

  12. Select the Must not be dictionary word backwards to ensure the password is not a word in the dictionary file spelled backward.

  13. Click OK to close the Password Complexity Settings dialog box.

  14. Click OK to close the Password Security Settings dialog box.

  15. Click Apply to save the changes on EFT Server.
     

If anyone tries to change a strong administrator password to a password that does not meet the specifications in the Password Complexity Settings dialog box, an error message appears.