Configure Password Security
Topics:
Set User Password Requirements
- Navigate to the Civic Platform Classic Administration.
- Select .
- Enter your agency code, or other agency search criteria, and then click Submit.
- Click the Password Security link for your agency. The link displays to the right of the address/city/state/zip columns.
- On the Password Settings page, set the desired security rules for passwords.
- Select a value from the Minimum number of characters menu. By default, Civic Platform requires that passwords be at least 6 characters long.
-
Select and define any options in the Character Requirements section.
At least [ # ] upper-case letters (A,B,C,...) The minimum number of upper-case characters. At least [ # ] numbers (0,1,2,...) The minimum number of numerical characters. At least [ # ] special characters (!,$,%,...) The minimum number of special characters. - Select and define any options in the Restrictions section.
Do not allow the user ID to be part of the password Disallows the user ID for use in a password. Do not allow the following special characters Disallows the special characters specified for use in a password. Separate multiple special characters with commas. Do not allow passwords that start with numbers or special characters Disallows use of numerical or special characters at the beginning of a password. Do not allow reuse of passwords that meet the following conditions Restricts the re-use of passwords. Select and define one or both: - Used in the previous [ # ] passwords - Disallow re-use of previous passwords for a specific number (1-15) of iterations.
- Used in the previous [ # ] hours - Disallow re-use of a password for a specific period of time.
- Indicate whether or not to Apply the same requirements for passwords to public users in Citizen Access by selecting this option.
-
Select Lock account after X failed login attempts in Y hours to specify how many failed attempts (X) a user can have, then specify the time frame those attempts may occur in hours (Y). Example: To allow a user three attempts to log in within a one-hour time frame, enter 3 for the number of failed login attempts, and 1 for the number of hours.
- Click Submit.
Configure Standard Choices for Password Rules
There are two Standard Choices for password rules: PASSWORD_ POLICY _SETTINGS and PASSWORD_CALCULATION _SCORE.
To add a new policy or modify an existing policy, configure the Standard Choice PASSWORD_ POLICY _SETTINGS. Separate standard value descriptions with pipe characters || and separate elements with a colon.
| Standard Choice Value | Value Description | Active |
|---|---|---|
| Example_JavaBean1 | JAVABEAN: com.accela.security.password.LengthValidator || length:8 || errorMessage: Password is too short. | Y |
| Example_JavaBean2 | JAVABEAN:com.accela.security.password.UpperCharValidator || number:2 || errorMessage: Password must contain uppercase. | Y |
| Example_JavaBean3 | JAVABEAN:com.accela.security.password.ExcludeUserIDValidator || errorMessage:Do not allow user id | Y |
| Example_JavaBean4 | JAVABEAN:com.accela.security.password.ExcludeUserIDValidator || number:5 || errorMessage:Do not allow previous password. | Y |
| Example_WS | WS: https://accela.com:3080/CheckACAPolicy?wsdl || errorMessage: check policy failed. | Y |
To modify the password calculation score rules, configure the Standard Choice PASSWORD_POLICY_SETTINGS.
| Standard Choice Value | Value Description | Active |
|---|---|---|
| Number of Characters | +(n*4) | Y |
| Repeated Characters | -(n*4) | Y |
| Has 3 Number | +5 | Y |
| Has 2 Special Characters | +5 | Y |
| Has Upper and Lower Character | +10 | Y |
| Has Numbers and Characters | +15 | Y |
| Only Characters | -10 | Y |
| Only Numbers | -10 | Y |
| Weak Password | score<=34 | Y |
| Medium Password | 34 < score <=34 | Y |
| Strong Password | 68 < score | Y |