The Logon Policy page sets logon policies that apply to all VSA users. Logon policies prevent a brute force break-in to the system. By limiting the successive number of bad logon attempts and disabling rogue accounts for a set amount of time, you can prevent unauthorized access achieved by repeatedly entering random passwords.
Note: See VSA Logon Policies for a summary of functions affecting user logons.
Specify the bad logon attempt policy
Number of consecutive failed logon attempts allowed before disabling - Specify the number of consecutive bad logons a VSA user or Portal Access user is allowed before their account is disabled in the account field. The count is reset to zero after a successful logon.
Length of time to disable account after max logon failures exceeded - Specify the amount of time, in hours or days, that the account is disabled in the field.
Note: To activate the account manually before the lockout time elapses, another user must enable the account using the System >Users page.
Minutes of inactivity before a user session expires - Specify the time period of user inactivity before the user is automatically logged out. Set the number of minutes of inactivity in the field.
Prevent anyone from changing their logon name - Prevent anyone from changing their logon name.
Do not show domain on logon page - Hide the Domain field on the logon page.
Note: If left blank, the domain checkbox still does not show on the logon page until at least one domain logon exists. Domain logons can be added using Discovery > Domain Watch.
Do not show remember me checkbox on logon -Hide the Remember my username on this computer checkbox on the logon page.
Specify password strength policy
Applies to VSA-authenticated passwords only. Domain-authenticated passwords are not affected by these policies.
