Enforcing Complex Passwords for Administrator Accounts

When you create or edit EFT-managed administrator accounts, you can specify that all administrator accounts be required to adhere to certain password complexity rules.

To set complexity settings for administrator accounts

  1. Refer to Adding EFT Administrators or Changing an Administrator Password or Access Rights for the procedures for creating or changing an administrator account.

  2. In the administration interface, connect to EFT and click the Server tab.

  3. On the Server tab, click the Server node to which you want to add an administrator account.

  4. In the right pane, click the Administration tab.

  5. Click an EFT-managed administrator account, then click Password Policy. The Password Security Settings dialog box appears.

  6. Select the Enforce strong (complex) passwords check box to ensure that when any administrator creates or changes a password for any administrator account, password complexity is enforced.

  7. To specify password complexity settings, click Advanced. The Password Complexity Settings dialog box appears.

  8. In the Minimum password length box, specify the minimum number of characters the password must contain. The default is 8 characters.

  9. In the Must contain at least box, specify the number of characters from the following categories: Uppercase, Lowercase, Numeric (0-9), Non-alphanumeric (for example, !, #, $, %), and Unicode. Select the check boxes for the applicable characters. (Certain non-alphanumeric characters might not be available when using a mix of English and non-English language settings and keyboards.)

  10. In the Must not contain boxes, select the check boxes and specify the number of characters from the user name and/or number of repeating characters the password must not contain.

  11. In the Dictionary area, select the Must not solely consist of a word in the following dictionary check box, then specify the dictionary file. A default dictionary file is provided in the EFT installation directory.

  12. Select the Must not be dictionary word backwards check box to ensure the password is not a word in the dictionary file spelled backward.

  13. Click OK to close the Password Complexity Settings dialog box.

  14. Click OK to close the Password Security Settings dialog box.

  15. Click Apply to save the changes on EFT.

Password Complexity Settings fields, with defaults and allowed values:

Field: Minimum password length - Specify the minimum number of characters that must be in the password
  Default: 8
  Min/Max values: 6 - 99

Field: In the Character categories area, specify the type of characters that must be in the password. The password must contain characters from at least N of the following categories:

  • Uppercase

  • Lowercase

  • Numeric (0-9)

  • Non-alphanumeric (for example, !, #, $, %)

  • Unicode (UTF-8)

  Default: 3 categories
  Min/Max values: 2 categories, up to the maximum password length

Field: Must not contain N or more characters from the user name
  Default: 3
  Min/Max values: 2 characters, up to maximum password length

Field: Must not contain N or more repeating characters
  Default: 3
  Min/Max values: 2 characters, up to maximum password length

Field: Must not consist solely of a word in the following Dictionary file. (Click the ellipsis icon to select a file.)
  Default: on
  Min/Max values: n/a

Field: Must not be a dictionary word backwards
  Default: off
  Min/Max values: n/a

If anyone tries to change a strong administrator password to a password that does not meet the specifications in the Password Complexity Settings dialog box, an error message appears.
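
The rules from the procedure and table above can be expressed as a pre-check for candidate administrator passwords. This is an added example, not EFT code: the function and field names and the sample dictionary are constructed, and it assumes that "characters from the user name" means consecutive characters compared case-insensitively, that "repeating characters" means the same character in a row, and that "Unicode" means any non-ASCII character.

```python
from dataclasses import dataclass

@dataclass
class Policy:
    # Defaults taken from the settings table on this page
    min_length: int = 8
    min_categories: int = 3
    username_run: int = 3        # reject N or more characters from the user name
    repeat_run: int = 3          # reject N or more repeating characters
    check_dictionary: bool = True
    check_reversed: bool = False

def categories(pw):
    """Count how many of the five character categories appear in pw."""
    return sum([
        any(c.isascii() and c.isupper() for c in pw),
        any(c.isascii() and c.islower() for c in pw),
        any(c.isascii() and c.isdigit() for c in pw),
        any(c.isascii() and not c.isalnum() for c in pw),
        any(not c.isascii() for c in pw),  # assumption: "Unicode" = non-ASCII
    ])

def shares_run(pw, user, n):
    """True if any n consecutive characters of user occur in pw."""
    pw, user = pw.lower(), user.lower()
    return any(user[i:i + n] in pw for i in range(len(user) - n + 1))

def has_repeat(pw, n):
    """True if one character occurs n or more times in a row."""
    return any(len(set(pw[i:i + n])) == 1 for i in range(len(pw) - n + 1))

def violations(pw, user, words, p=Policy()):
    """Return the rules that pw breaks; an empty list means it is accepted."""
    out = []
    if len(pw) < p.min_length:
        out.append("length")
    if categories(pw) < p.min_categories:
        out.append("categories")
    if shares_run(pw, user, p.username_run):
        out.append("username")
    if has_repeat(pw, p.repeat_run):
        out.append("repeat")
    if p.check_dictionary and pw.lower() in words:
        out.append("dictionary")
    if p.check_reversed and pw.lower()[::-1] in words:
        out.append("dictionary-backwards")
    return out

WORDS = {"password", "administrator", "welcome"}  # constructed sample dictionary
```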