 |
You are here: Docs>Sheriff Web>UserGuides>SheriffCSMDocumentation>UserGuide>UserAdministrationInSheriffCSM>UserAuthentication>SetUpPasswordPolicyForLocalUserAuthentication (16 Jan 2022, SheriffCyberSecurity)Edit Attach
Up
Previous Next Sheriff CSMâ„¢ Set Up Password Policy for Local User Authentication If you decide to use authentication occurring locally in Sheriff CSM, Sheriff Cyber Security, LLC. encourages you to set up the password policy according to your company's security standard. All web user passwords are encrypted by applying the SHA-256 algorithm with a salt, and then stored in the database. You can also configure the account lockout period when setting up the policy. Note: Sheriff stores the Sheriff CSM root user password directly on the system, after applying SHA-512 with a salt. By default, only the root user account can access the Sheriff CSM CLI. You cannot configure a lockout period for the root user. If you need to configure Sheriff CSM to use LDAP authentication, see Configure LDAP in Sheriff CSM. For assistance with creating new users in Sheriff CSM, see Create New Accounts for Local Users. To configure password policy for Sheriff CSM
Previous Next Sheriff CSMâ„¢ Set Up Password Policy for Local User Authentication If you decide to use authentication occurring locally in Sheriff CSM, Sheriff Cyber Security, LLC. encourages you to set up the password policy according to your company's security standard. All web user passwords are encrypted by applying the SHA-256 algorithm with a salt, and then stored in the database. You can also configure the account lockout period when setting up the policy. Note: Sheriff stores the Sheriff CSM root user password directly on the system, after applying SHA-512 with a salt. By default, only the root user account can access the Sheriff CSM CLI. You cannot configure a lockout period for the root user. If you need to configure Sheriff CSM to use LDAP authentication, see Configure LDAP in Sheriff CSM. For assistance with creating new users in Sheriff CSM, see Create New Accounts for Local Users. To configure password policy for Sheriff CSM
-
In the Sheriff CSM web interface, go to Configuration > Administration > Main and expand the Password Policy section.
-
Type the values for password authentication that are required by your company or organization, as illustrated by the Password Policy Configurations table.
-
Click Update Configuration.
Password Policy ConfigurationsParameter Description Default Setting Minimum password length Minimum number of characters for a password. 7 Maximum password length Maximum number of characters for a password. 32 Password history Specifies how many previously used passwords are acceptable to Sheriff CSM. Disabled Complexity Specifies that passwords must contain 3 of the following: lowercase characters, uppercase characters, numbers, or special characters. Disabled Minimum password lifetime, in minutes Specifies the minimum amount of time that must pass before a user can change a password again. This option prevents users from changing a new password to the previously expired one. 0 (disabled)
Maximum password lifetime in days Specifies the number of days before Sheriff CSM prompts users to change their current password. 5 Failed logon attempts Number of failed logon attempts before Sheriff CSM locks an account. 5 Account lockout duration Amount of time user accounts remain locked. 5 (0 disables lockout)
Edit | Attach | Print version | History: r7 < r6 < r5 < r4 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r7 - 16 Jan 2022, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.