Password Security

_{Added in version 7.0}

The MAGNET Password Security functionality allows for administrators to control the password requirements for their users, as well as allowing the ability to force users to change their password on first login when a new account is created.

For users with permission to view and manage the MAGNET Password Security options, you will see a new Password Security option to the left of the Create User option.

Clicking on this option will take you to the Password Security Management screen.

By default, this feature is deactivated and default settings are applied. To make changes to this, you must first activate the feature by clicking the Enable button.

If you do not see the enable button, that means this feature has already been enabled.

Security options

This module allows for the updating or changing of the following password security options

Option Name	Description	Default Setting

Option Name	Description	Default Setting
Minimum Length	Allows for the setting of a minimum allowed password length. Password less than the number set will not be allowed.	By default, this is not enforced and there is no minimum password length required
Maximum Length	Allows for the setting of a maximum allowed password length. Password greater than the limit set will not be allowed.	By default, this is not enforced and there is no maximum password length required
Require Capitol	Determines if a capital letter is required in the password. If set at least one letter must be capitalized or the password will not be allowed	By default, this is not enforced and there is no capitol letter required
Require Number	Determines if a number is required in the password. If set, the password must contain at least one number or the password will not be allowed.	By default, this is not enforced and there are no numbers required
Password Expiration	The number of days until a user will be forced to change their password on next login. If set, once the number of days has elapsed, the user will be required to change their password on the next login.	By default, this is not enforced and a user's password will never expire
Previous Passwords	The number of previous passwords the user should be prevented from re-using. This option prevents the user from re-using any previous password used based on the number set. For example, if the number is set to 2, the user would be prevented from re-using the previous two passwords used(including the current password)	By default, this is not enforced and a user can re-use their password as many times as they would like. It is strongly suggested to utilize this option if you have a password expiration set, or the user will be able to reset their password to their current password.
Allow Special Characters	Determines if special characters are allowed in the password.	By default, special characters are not allowed in the password.

PLEASE NOTE

Changes made in the Password Security options do not immediately invalidate users passwords. For example, if you changed the minimum password length to 5, users with a password length of 3 would still be able to utilize the password until they reset their password.