Reminding Users when Password is About to Expire
EFT allows you to set a reminder to notify users of their pending password expiration up to 30 days prior to the password expiration date. You can set the reminder on the Site for all accounts, on the Settings Template, and/or for each user, from 0 (no reminder) to 30 days (5 is the default). The reminder can be in the form of a banner message or an e-mail or both.
To remind users of expired passwords
-
In the administration interface, connect to EFT and click the Server tab.
-
On the Server tab, click the Site, Settings Template, or user that you want to configure, and then click the Security tab.
-
Select the Allow users to reset their passwords check box.
-
Next to Password Expiration Options, click Configure. The Password Expiration dialog box appears.
-
Select the Expire check box, then specify the number of days after which to expire the password.
-
Select the Remind check box, then specify the number of days prior to expiration to remind the user.
-
Do either or both of the following:
-
To send an e-mail when the password is about to expire, select the Send user an e-mail prior to expiration check box.
-
To send an e-mail when the password has expired, select the Send user an e-mail upon expiration check box.
-
-
Click OK to save the settings and close the dialog box.
-
Click Apply to save the changes on EFT.
-
Edit the Password Reset Messages, as desired.
For all protocols, if the user’s password is scheduled to expire, the e-mail reminder is enabled, and the user account has an e-mail address associated with it, an e-mail will be sent informing the user of the pending expiration and provides instructions on how to change the password for one or possibly all protocols. A user who typically connects over FTP may optionally login via HTTP/S to change the password.
For details of reusing passwords, refer to Prohibiting Password Reuse.