To ensure security in vRealize Operations, you must manage user passwords. Determine the criteria used for account lockout, password strength, and the password change policy. When a user session becomes inactive for 30 minutes, the session times out, and the user must log in to vRealize Operations again.
Where You Manage the Password Policy
- To manage user roles, from the left menu, click Administration, and then click the Access Control tile.
- Click Password Policy tab.
Indicates whether the account lockout is in effect, and indicates the number of login attempts allowed before the account is locked. The account lockout policy is enabled by default.
Indicates whether the policy that requires users to strengthen their password is in effect, and the minimum number of characters required to make a strong password. The password strength policy is enabled by default.
Indicates whether the policy that requires users to change their password is in effect, how often the password expires, and whether users will receive a warning. The account password change policy is enabled by default.
Modify the Password Policy
You can modify the password policy by clicking Edit.
Access Control Edit Password Policy Settings
Modify the settings to lock user accounts.
- Activate Account Lockout Policy. Enable the policy to lock user accounts. For a super administrator user, the account lockout policy is enabled by default and cannot be disabled. The super administrator user account is locked for approximately one hour, and then unlocked.
- Number of failed login attempts before lockout. Indicates the number of tries that a user can attempt to log in to vRealize Operations before their account is locked. The default number of tries is seven, and the time frame allowed for login is 45 seconds.
Modify the settings required for users to create strong passwords.
- Activate Password Strength Policy. When selected, enables the policy to require users to strengthen their password.
- Minimum password length. Indicates the number of characters required for user passwords. The default length is eight characters.
- Passwords must contain numbers. Users must include a combination of letters and numbers.
- Passwords must not match user names. To ensure security, users are not allowed to use their user name as their password.
- Passwords must contain at least one uppercase and one lowercase letter. When selected, users must include one or more uppercase characters.
- Passwords must contain special characters. When selected, users must include one or more special characters. Special characters include: !@#$%^&*+=
Modify the settings required for users to change their password.
- Activate Password Change Policy. Enable the policy to require users to change their password at specific intervals.
- Passwords expire every 90 days. Users receive notification five days before the password expires.
- Warn users 5 days prior to expiration. Indicate when to have vRealize Operations notify users that their password will expire. The default is five days before their password expires.