Configuring Password Security
Alongside organisational policy for users managing their account information, such as not sharing or writing down passwords, where a service such as Active Directory is not in use then Easysite provides facilities for password Encryption, strength enforcement, expiration and recycling rules in line with your internal policies and procedures.
Please be aware that passwords cannot be retrieved from the system configuration or at a database level. They can only be replaced.
Password Strength
Easysite provides facilities for password strength enforcement directly from the administration interface allowing your organisation to implement as you see fit.
“Strong” for example requires a mixture of alphanumeric characters; “Very Strong” requires a mixture of alphanumeric and non-alphanumeric characters.
Further information regarding password strengths can be found within the Knowledge Base.
Failed Attempts
Easysite provides the facilities for a user account to be automatically locked (after a certain number of attempts) directly from the administration interface. Site administrators can set a maximum number of allowed failed attempts before the account is deactivated and the system administrators notified.
