To increase security to Carbon Black App Control, specify password complexity and ensure periodic password changes.
You can specify the following parameters:
- The minimum length of the password.
- The minimum amount of special characters required, if any.
- How long the password is valid for before it expires.
- How many days of warning the user receives before the password expires.
- The number of days after expiration where users can still log in. However, they are immediately redirected to change their password. Access to other content is prohibited.
If a user's password expires after the grace period or if there is no grace period, the user must request a password reset from their Carbon Black App Control Administrator. To reset the password, the administrator has two options:
- Reset the password to an agreed-upon password and the user can reset it at a later date.
- Create a temporary password that redirects the user to immediately change it upon login.
Field |
Description |
---|---|
|
The minimum number of characters for a password. Default value is 8 characters. This attribute does not apply to the admin user name on initial installation. However, if you update the admin password after the initial installation, it applies. |
|
The minimum required number of non-alphanumeric characters, such as: | > < & % ( ) @ . [ ] { } : ; ^ = ! ' " ` ~ , Default value is zero (0) special characters required. This attribute does not apply to the admin user name on initial installation. However, if you update the admin password after the initial installation, it applies. |
|
The number of days after a password is set that it expires. Default value is zero (0) days, which species that there is no expiration. This attribute does not apply to the admin user name on initial installation. However, if you update the admin password after the initial installation, it applies. |
|
The number of days before password expiration that a console message warns the user about the impending password expiration. Default value is 14 days. |
|
The number of days after the password has expired that the user can still successfully log in by using the expired password. The user must change their password immediately after logging in. When logging in under the grace period, the user can perform no other actions in the console until the user completes the password change. |
Specify User Password Requirements
To specify user password requirements, perform the following procedure.