Logon Policy

System > Logon Policy

• This page applies to the following product: On Premises

The Logon Policy page sets logon policies that apply to all VSA users. Logon policies prevent a brute force break-in to the system. By limiting the successive number of bad logon attempts and disabling rogue accounts for a set amount of time, you can prevent unauthorized access achieved by repeatedly entering random passwords.

Note: See VSA Logon Policies for a summary of functions affecting user logons.

Specify the bad logon attempt policy

• Number of consecutive failed logon attempts allowed before disabling - Specify the number of consecutive bad logons a VSA user or Portal Access user is allowed before their account is disabled in the account field. The count is reset to zero after a successful logon.
• Length of time to disable account after max logon failures exceeded - Specify the amount of time, in hours or days, that the account is disabled in the field.

  Note: To activate the account manually before the lockout time elapses, another user must enable the account using the System > Users page.

• Minutes of inactivity before a user session expires - Specify the time period of user inactivity before the user is automatically logged out. Set the number of minutes of inactivity in the field.
• Prevent anyone from changing their logon name - Prevent anyone from changing their logon name.
• Do not show domain on logon page - Hide the Domain field on the logon page.

  Note: If left blank, the domain checkbox still does not show on the logon page until at least one domain logon exists. Domain logons can be imported using Agent > View AD Users or added manually using System > Change Logon.

• Do not show remember me checkbox on logon - Hide the Remember my username on this computer checkbox on the logon page.

Specify password strength policy

Specify a password strength policy by checking the boxes beside the following:

• Require password change every N days
• Enforce minimum password length
• Prohibit password reuse for N passwords
• Require upper and lower case alpha characters
• Require both alpha and numeric characters
• Require non-alphanumeric characters

Update

Press Update to apply the settings.

Topic 522: Send Feedback. Download a PDF of this online book from the first topic in the table of contents. Print this topic.