Reference: Password Policy

Vena Support Team
Vena Support Team
  • Updated

Easily manage your Password Policy from the Admin tab. The Password Policy settings allow the Vena Administrator to configure the minimum set of rules and standards for user passwords. 

 

Overview

By ensuring your user passwords follow the password policy, you can manage the security of your Vena accounts. This article is relevant to Admin users.


Table of contents

Reference Guide

Notes and special instructions

 

Explainer

Password Expiration Interval

01ExpInterval.jpg

Number of days (0 means infinite):

 

A number that represents the number of days, from when a password is set until it expires. If set to 0, it will never expire.

 

 

Password Basics

02PasswordBasics.jpg

Minimum password length:

 

 

This number represents the minimum length of characters for a valid password.

Maximum password length:

 

This number represents the maximum length of characters for a valid password.

Check against how many previous passwords:

 

 

This number represents how far historically to compare the new password to. For example, you cannot use a password that was used the last X number of times.

 

 

Character Rules

03CharRules.jpg

Minimum number of numeric characters:  

This number represents the minimum number of numeric characters that need to be used in the password.

Minimum number of lower-case characters:

  This number represents the minimum number of lower-case characters that need to be used in the password.

Minimum number of special characters:

 

This number represents the minimum number of special characters that need to be used in the password.

How many of the above 4 rules must be met:

  This number represents how many of the 4 Character Rules must be sustained for a valid password.

 


Sequence Rules

04SeqRules.jpg

 Maximum length character sequence (e.g., "eeee") allowed:  

This number represents the maximum number of times a single character can be repeated back-to-back for a valid password.

 Maximum length QUERTY sequence (e.g., "asdf") allowed:

 

This number represents the maximum length of a keyboard sequence of keys can be for a valid password.

 Maximum length numeric sequence (e.g., "1234") allowed:

 

This number represents the maximum length of a numeric sequence for a valid password.

 

Similarity

05Similarity.jpg

Check similarity to user's first name:  

On/Off toggle: If set to ON, it compares the password to the user’s first name and does not allow passwords that are too similar to the user’s first name.

Check similarity to user's last name:  

On/Off toggle: If set to ON, it compares the password to the user’s last name and does not allow passwords that are too similar to the user’s last name.

Check similarity to user's login:  

On/Off toggle: If set to ON, it compares the password to the user’s login name and does not allow passwords that are too similar to the user’s login name.

Check similarity to user's current password:  

On/Off toggle: If set to ON, it compares the new password to the user’s existing password and does not allow passwords that are too similar to the user’s current password.

Minimum number of character changes to consider similar:  

This number represents the number of characters to compare to for similarity, in the existing password.

 

Account Locking

06AccountLocking.jpg

 Account lockout threshold (number of failed logins):  

This number represents the number of times a user can attempt to log in with an incorrect password before their account is locked out.

 Timeframe to check failed logins (minutes):  

This number represents how many minutes to check continuous attempts of wrong passwords.

 Account lockout duration (minutes):  

This number represents how many minutes a user is unable to make a login attempt due to a locked account.

 

 

Notes and special instructions

SSO Users
This setting can be found in Admin > Policies > Single Sign-On.

07SSO.jpg

If you disable email/password login for your SSO users, the following settings can no longer be modified through the Vena interface:

  • Password Expiration Interval
  • Password Basics
  • Character Rules
  • Sequence Rules
  • Similarity
  • Account Locking

Was this article helpful?

4 out of 4 found this helpful