Defining Password and Session Policies

You must have rights to modify password policies.

You use this procedure to set the rules that user passwords must fulfill and to define the session idle timeout.

  1. On the System Configurator main screen, choose System Management > Authentication Policy.
  2. In the Password Policy block, do the following:
    1. Enter the maximum number of times users can attempt to log on to an application before the account is locked.

    2. Enter the time to define how long the user account is locked in the Lock Duration field.

    3. Enter the time when the password expires.

    4. Define the minimum length for a password.

    5. Select the Initial Password Must Be Changed option if you want that users must change the password set by the administrator.

      The software prompts users to change their passwords when they enter an application for the first time after the administrator has set or changed the password.

  3. In the Session Policy block, enter the timeout values for the administrator and Web Client.

    The default value is 3 hours.


    If you change the value of Administrative Session Idle Timeout, you must restart Agent Server (AS) in Infrastructure Administrator (IA).

  4. Save your entries.