Password Policies

This article provides information about password policies:
uim901
This article provides information about password policies:
 
 
2
 
2
 
 
CA UIM User Password Policy
All passwords are installed in an encrypted format. The UIM Server administrator account password must meet the following requirements:
  • Be at least six characters
  • Not exceed a maximum of 254 characters
  • Cannot be the same as the username (For example, administrator)
We recommend that you configure your user accounts to follow your own internal policy. 
UMP User Password Policy
All passwords are installed in an encrypted format. CA does not have a policy for UMP users. We recommend that you adhere to your organization’s internal policy for the creation of account passwords.
Database User Password Policy
CA does not have a policy for database users. We recommend that you adhere to your organization’s internal policy for the creation of account passwords.
Logging of Failed Login Attempts
 
Admin Console
 
Set the log level on the service_host probe to level 4 or higher to have the system log failed login attempts. Log levels lower than 4 do not report when a failed login attempt occurs. Failed login attempts result in a log entry in service_host.log indicating a severe error. The following message is an example of a service_host.log entry for a failed login:
Dec 02 11:12:59:179 [tomcat, service_host] SEVERE: Login Error 2: Received status (12) on response (in sendRcvLogin) for cmd = 'login'
 
UMP
 
Set the log level on the wasp probe to level 3 or higher to have the system log failed login attempts. Log levels lower than 3 do not report when a failed login attempt occurs. Failed login attempts result in a log entry in wasp.log. The following message is an example of a wasp.log entry for a failed login:
Dec 02 14:00:00:778 INFO [http-bio-80-exec-7, com.nimsoft.nimbus.probe.service.wasp.auth.LoginModule] Login failed: Wrong username and/or password.