Basic Authentication Policy Mechanisms

Administrators logging in to use one of the following mechanisms:
aatest
Administrators logging in to
Advanced Authentication
use one of the following mechanisms:
  • Basic Authentication Policy
  • LDAP Authentication Policy
  • WebFort User-Password
The mechanism depends upon the option that you selected while creating the organization:
  • If you select the
    Basic
    User Password
    option while creating an organization, then you can use the default authentication policy (for a global level).
  • If you select the
    LDAP User Password
    option, the administrator uses the password that is stored in the LDAP directory. The authentication policy is defined in the LDAP directory.
  • If you select the
    WebFort User Password
    option, verify that CA Strong Authentication is deployed and accessible.
Configuring the Basic Authentication Policy Settings
The 
Basic Authentication
 method enables administrators to log in to the Console with a user ID and password.
Use the Basic Authentication Policy page to strengthen the password policy by enforcing the following restrictions:
The password length.
The number of special characters.
The number of failed login attempts allowed before the account is locked.
To configure the Basic Authentication policy:
  1. Ensure that you are logged in as the MA.
  2. Activate the Services and Server Configurations tab.
  3. Click the
    Advanced Authentication
    option on the submenu of the tab.
  4. Under the Authentication section on the side-bar menu, click the Basic Authentication Policy link to display the corresponding page.
  5. Specify the parameters explained in the following table in the Password Policy Configuration section. All the parameters on this page are mandatory.
Parameter
Default Value
Description
Minimum Password Length
6
The minimum number of characters that the password must contain. You can set a value from 6 through 32 characters.
Maximum Password Length
25
The maximum number of characters that the password can contain. You can set a value from 6 through 32 characters.
Maximum Failed Attempts
5
The maximum consecutive number of times an administrator can specify the password incorrectly, after which the credential is locked. You can set a value from 3 through 10.
Minimum Numeric Characters
1
The least number of numeric characters (0 through 9) that the password must contain. You can set a value from 0 through 32 characters.
Maximum Password History Count
3
The maximum number of previously used passwords that cannot be reused.
Validity Period
180 days
The maximum number of days for which a password is valid.
Allow Multi-Byte Characters
The following options are disabled if you select this check box.
Select this option if you want to allow multi-byte characters in the password.
Minimum Alphabetic Characters
4
The least number of alphabetic characters (a-z and A-Z) that the password must contain. You can set a value from 0 through 32 characters.
Minimum Special Characters
1
The least number of Allowed Special Characters that the password must contain. You can set a value from 0 through 32 characters.
Allowed Special Characters
(optional)
!@#$%^&*()_+
The list of special characters that the password can contain.
  1. Click 
    Save
    .
  2. Refresh 
    all
     deployed CA Risk Authentication Server instances.
    See Cached Data and Cache Refreshes for instructions.