To increase security to Carbon Black App Control, specify password complexity and ensure periodic password changes.

You can specify the following parameters:

  • The minimum length of the password.
  • The minimum amount of special characters required, if any.
  • How long the password is valid for before it expires.
  • How many days of warning the user receives before the password expires.
  • The number of days after expiration where users can still log in. However, they are immediately redirected to change their password. Access to other content is prohibited.

If a user's password expires after the grace period or if there is no grace period, the user must request a password reset from their Carbon Black App Control Administrator. To reset the password, the administrator has two options:

  • Reset the password to an agreed-upon password and the user can reset it at a later date.
  • Create a temporary password that redirects the user to immediately change it upon login.
Table 1. User Password Configuration Options

Field

Description

Minimum Length

The minimum number of characters for a password.

Default value is 8 characters.

This attribute does not apply to the admin user name on initial installation. However if you update the admin password after the initial installation, it applies.

Minimum Special Character Count

The minimum required number of non-alphanumeric characters, such as: | > < & % ( ) @ . [ ] { } : ; ^ = ! ' " ` ~ ,

Default value is zero (0) special characters required.

This attribute does not apply to the admin user name on initial installation. However if you update the admin password after the initial installation, it applies.

Expiration

The number of days after a password is set that it expires.

Default value is zero (0) days, which species that there is no expiration.

This attribute does not apply to the admin user name on initial installation. However if you update the admin password after the initial installation, it applies.

Expiration Warning Period

The number of days before password expiration that a console message warns the user about the impending password expiration.

Default value is 14 days.

Expiration Grace Period

The number of days after the password has expired that the user can still successfully log in by using the expired password. The user must change their password immediately after logging in.

When logging in under the grace period, the user can perform no other actions in the console until the user completes the password change.

Specify User Password Requirements

To specify user password requirements, perform the following procedure.

Procedure

  1. On the console menu, click the Configuration (gear) icon and click System Configuration.
  2. Click the General tab. The General configuration options appear, with the User Passwords panel at the bottom of the page.
    The User Passwords field options
  3. To configure user password requirements, click the Edit button at the bottom of the page and make the changes. Click the Update button and then click Yes in the confirmation dialog box.