Enforcing Complex Passwords for Administrator Accounts
When you create or edit EFT-managed administrator accounts, you can specify that all administrator accounts be required to adhere to certain password complexity rules.
To set complexity settings for administrator accounts
- Refer to Adding EFT Administrators or Changing an Administrator Password or Access Rights for the procedures for creating or changing an administrator account.
- In the administration interface, connect to EFT and click the Server tab.
- On the Server tab, click the Server node to which you want to add an administrator account.
- In the right pane, click the Administration tab.
- Click an EFT-managed administrator account, then click Password Policy. The Password Security Settings dialog box appears.
- Select the Enforce strong (complex) passwords check box to ensure that when any administrator creates or changes a password for any administrator account, password complexity is enforced.
- To specify password complexity settings, click Advanced. The Password Complexity Settings dialog box appears.
- In the Minimum password length box, specify the minimum number of characters the password must contain. The default is 8 characters.
- In the Must contain at least box, specify the number of characters from the following categories: Uppercase, Lowercase, Numeric (0-9), Non-alphanumeric (for example, !, #, $, %), and Unicode. Select the check boxes for the applicable characters. (Certain non-alphanumeric characters might not be available when using a mix of English and non-English language settings and keyboards.)
- In the Must not contain boxes, select the check boxes and specify the number of characters from the user name and/or number of repeating characters the password must not contain.
- In the Dictionary area, select the Must not solely consist of a word in the following dictionary check box, then specify the dictionary file. A default dictionary file is provided in the EFT installation directory.
- Select the Must not be dictionary word backwards check box to ensure the password is not a word in the dictionary file spelled backward.
- Click OK to close the Password Complexity Settings dialog box.
- Click OK to close the Password Security Settings dialog box.
- Click Apply to save the changes on EFT.
Field | Default | Min/Max Values |
---|---|---|
Minimum password length - Specify the minimum number of characters that must be in the password | 8 | 6 - 99 |
In the Character categories area, specify the type of characters that must be in the password: The password must contain characters from at least N of the following categories: | 3 categories | 2 categories, up to the maximum password length |
Must not contain N or more characters from the user name | 3 | 2 characters, up to maximum password length |
Must not contain N or more repeating characters. | 3 | 2 characters, up to maximum password length |
Must not consist solely of a word in the following Dictionary file. (Click the ellipsis icon to select a file.) | on | n/a |
Must not be a dictionary word backwards | off | n/a |
If anyone tries to change a strong administrator password to a password that does not meet the specifications in the Password Complexity Settings dialog box, an error message appears.
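To pre-check a candidate administrator password against the settings in the table above before submitting it, the rules can be modeled as in the following added example, which is not EFT code and not from the product documentation. The `Policy` class, the function names, the sample word list, and the rule interpretations (consecutive, case-insensitive user name matching; "Unicode" meaning any non-ASCII character; case-insensitive dictionary lookup) are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class Policy:                       # defaults copied from the table on this page
    min_length: int = 8
    min_categories: int = 3
    username_run: int = 3           # reject N or more characters from the user name
    repeat_run: int = 3             # reject N or more repeating characters
    check_dictionary: bool = True   # default: on
    check_reversed: bool = False    # default: off

WORDS = {"password", "administrator", "welcome"}   # constructed sample dictionary

def categories(pw):
    """Count how many of the five character categories occur in pw."""
    return sum([
        any(c.isascii() and c.isupper() for c in pw),
        any(c.isascii() and c.islower() for c in pw),
        any(c.isascii() and c.isdigit() for c in pw),
        any(c.isascii() and not c.isalnum() for c in pw),
        any(not c.isascii() for c in pw),   # assumption: "Unicode" = non-ASCII
    ])

def shares_run(pw, username, n):
    """True if any n consecutive user name characters occur in pw (assumed reading)."""
    p, u = pw.lower(), username.lower()
    return any(u[i:i + n] in p for i in range(len(u) - n + 1))

def has_repeat(pw, n):
    """True if the same character appears n or more times in a row."""
    run = 1
    for a, b in zip(pw, pw[1:]):
        run = run + 1 if a == b else 1
        if run >= n:
            return True
    return False

def violations(pw, username, words=WORDS, policy=None):
    """Return the names of the rules that pw breaks; an empty list means it passes."""
    policy = policy or Policy()
    low = pw.lower()
    checks = [
        ("length", len(pw) < policy.min_length),
        ("categories", categories(pw) < policy.min_categories),
        ("username", shares_run(pw, username, policy.username_run)),
        ("repeat", has_repeat(pw, policy.repeat_run)),
        ("dictionary", policy.check_dictionary and low in words),
        ("dictionary-reversed", policy.check_reversed and low[::-1] in words),
    ]
    return [name for name, failed in checks if failed]
```

With the defaults, a reversed dictionary word such as `drowssap` fails only the category rule; it is rejected as a reversed word only when `check_reversed` is enabled, matching the "off" default in the table.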