Basic Authentication Policy Mechanisms
Administrators logging in to use one of the following
mechanisms:
aatest
Administrators logging in to
Advanced Authentication
use one of the following
mechanisms:- Basic Authentication Policy
- LDAP Authentication Policy
- WebFort User-Password
The mechanism depends upon the option that you selected while creating the
organization:
- If you select theBasicUser Passwordoption while creating an organization, then you can use the default authentication policy (for a global level).
- If you select theLDAP User Passwordoption, the administrator uses the password that is stored in the LDAP directory. The authentication policy is defined in the LDAP directory.
- If you select theWebFort User Passwordoption, verify that CA Strong Authentication is deployed and accessible.
Configuring the Basic Authentication Policy Settings
The
Basic Authentication
method enables administrators to log in to the
Console with a user ID and password.Use the Basic Authentication Policy page to strengthen the password policy by
enforcing the following restrictions:
The password length.
The number of special characters.
The number of failed login attempts allowed before the account is locked.
To configure the Basic Authentication policy:
- Ensure that you are logged in as the MA.
- Activate the Services and Server Configurations tab.
- Click theAdvanced Authenticationoption on the submenu of the tab.
- Under the Authentication section on the side-bar menu, click the Basic Authentication Policy link to display the corresponding page.
- Specify the parameters explained in the following table in the Password Policy Configuration section. All the parameters on this page are mandatory.
Parameter
| Default Value
| Description
|
Minimum Password Length | 6 | The minimum number of characters
that the password must contain. You can set a value from 6 through
32 characters. |
Maximum Password Length | 25 | The maximum number of characters
that the password can contain. You can set a value from 6 through 32
characters. |
Maximum Failed Attempts | 5 | The maximum consecutive number of
times an administrator can specify the password incorrectly, after
which the credential is locked. You can set a value from 3 through
10. |
Minimum Numeric Characters | 1 | The least number of numeric
characters (0 through 9) that the password must contain. You can set
a value from 0 through 32 characters. |
Maximum Password History Count | 3 | The maximum number of previously
used passwords that cannot be reused. |
Validity Period | 180 days | The maximum number of days for which
a password is valid. |
Allow Multi-Byte Characters The following options are disabled if you select this check
box. | Select this option if you want to allow multi-byte characters in
the password. | |
Minimum Alphabetic Characters | 4 | The least number of alphabetic
characters (a-z and A-Z) that the password must contain. You can set
a value from 0 through 32 characters. |
Minimum Special Characters | 1 | The least number of Allowed Special
Characters that the password must contain. You can set a value from
0 through 32 characters. |
Allowed Special Characters (optional) | !@#$%^&*()_+ | The list of special characters that
the password can contain. |
- ClickSave.
- Refreshalldeployed CA Risk Authentication Server instances.See Cached Data and Cache Refreshes for instructions.