Enabling Password Aging Enforcement for Seeq Directory
Overview
Password aging enforcement is a critical security measure designed to ensure that users regularly update their passwords to maintain account security. By enabling password aging enforcement, administrators can define the maximum duration for which a password can be used before it must be changed. Additionally, they can configure warning periods and grace periods to inform users about impending password expiration and provide them with a time window to update their password before a password change is required in order to access their account.
Enable and Configure Password Aging Policy
To enable this feature:
Navigate to Administration > Configuration
Set Authentication/SeeqDirectory/EnforcePasswordAge to
trueConfigure any optional parameters (see table below).
Save your changes
Once this policy is enabled, existing passwords older than 90 days must be reset. Users with passwords expiring within the next 7 days will receive warnings. Users with expired passwords will be unable to log in if the PasswordExpirationGracePeriod is set to 0.
Options
Configuration | Default |
|---|---|
Authentication/SeeqDirectory/EnforcePasswordAge |
|
Authentication/SeeqDirectory/MaxPasswordAge The maximum duration (in days) that a user's password can be used before the system requires a password change. | 90 |
Authentication/SeeqDirectory/PasswordExpirationWarningPeriod The number of days before a user's password expires when the system starts alerting the user that their password is approaching its expiration date. | 7 |
Authentication/SeeqDirectory/PasswordExpirationGracePeriod The number of days a user can continue to log in with an expired password before the system forces a mandatory update. | 0 |