Account Settings

The Account Settings tab enables you to set the password policies and account policies for Certification Manager users. It is applicable only if Certification Manager Application Security is used as the authentication scheme.

Note: For a setup using the Active Directory authentication or the IRC authentication, the Account Settings tab will only display the Enable One Time Password check box.

Changes made through this section will impact Certification Manager functionality as follows:

  • Impact of password policies in Certification Manager : Settings made through the Password Policies section will impact the following areas:
    • Creating a new Certification Manager user
    • Resetting the password for a user
    • The Certification Manager Sign In page as all modifications made to the account policies will impact signing in.

You can set your password policies from this page. The page is divided into the following panels:

  • Password properties: This panel enables you to determine the combination of characters that make up your password.
    • Password May Contain the following Criteria: Select the required option depending on whether your password should be made up of alphabets, numerals, a combination of both, and whether it should also include special characters. By default, your password will contain alphanumeric characters.
    • Password Cannot Start With the following Criteria: Determine which characters your password should not start with. The options available in this section depend on the options selected in the Password May Contain section.
    • Password Policy Settings
      • Clear the check box Do not allow the same character more than once if you want characters in your password to be repeated. By default, the check box is selected.
      • Specify the minimum and maximum password lengths, the minimum and maximum upper case and lower case alphabetic characters, and the minimum alphabetic and numeric characters that the password should contain. The default settings are as follows:
        • Minimum Password Length - 8
        • Maximum Password Length - 20
        • Minimum alphabetic characters - 1
        • Minimum uppercase alphabetic characters - 0
        • Minimum lower case alphabetic characters - 0
        • Minimum numeric characters - 1
        • Minimum special characters - 0
      • Account Policy Settings: Use this section to set the validity dates for your passwords.
        • Password minimum lifetime: Specify the minimum number of days to retain the password. You can change your password thereafter.
        • Password expires after: Specify the number of days after which the password must expire. Password expires at 12:00 AM on the expiry date.
        • Lock account if inactive for: Specify the period of time to lock an account if the account remains inactive. If a user is inactive for the period of time specified in this option, then the account will be locked.
        • Sign-in attempts before account is locked : Specify how many incorrect sign-in attempts a user may be allowed before the user's account is locked. By default, 3 attempts are allowed.
        • Send password expiration notice: Specify how long before password expiry a user should be notified. By default, the expiration notice is sent 3 days in advance.
        • Prevent previous passwords: Specify the number of previous passwords that must not be used.
        • Enable One Time Password (OTP): As an extra security measure, select this check box to receive an OTP in your mailbox for logging into the application. Specify the OTP validity time( in minutes). If the checkbox is not selected, users will not receive the OTP and can log into the application directly.

Account policy settings do not apply to users assigned the Super User role.

In the Notification Mail Option panel, select an option based on whether the user ID and password for a new user must be sent through a single email or separate emails. You also have the option to send only the User ID in the email (for ADFS enabled) or to not send the User ID or password by email. By default, the user ID and password are sent in separate mails.

Note: If you select the option Do not send email for User ID or Password , the option to automatically change user password appears disabled on the Security page.
Note: Click the Restore Previous Settings icon  to restore the last saved password policy settings.