Mar 07, 2024
77
Note:
This article showcases features that are typically only made available to Administrator roles.
However, since Getac Enterprise is highly configurable, the ability to complete tasks described in this article may be different for each User, depending on policy. Please contact an administrator with all access questions and concerns.
However, since Getac Enterprise is highly configurable, the ability to complete tasks described in this article may be different for each User, depending on policy. Please contact an administrator with all access questions and concerns.
Warning:
The information listed here is to explain this feature. This is configured by the Getac implementation teams and should NOT be modified without first contacting [email protected]. Getac is not responsible for data loss or interruption of services due to improper configuration of this feature.
Overview
This page allows for configuring password requirements. Typically, this should match the security policy that an Agency uses for password on other systems.
Caution:
For customers using AD integration, password rules are controlled entirely by the Agency. DO NOT use this feature if using AD integration.
See the image below for how to access the Password Rules page:
Create or Edit Password Rules
Perform the following steps:
- Click on the Page icon or select existing rules from the list and click on the Wrench icon.
- Input Password parameters.
- Click on Save or Update to finalize.
See the image below for an example:
Parameters include the following:
- Station - Select the specific station that the Password Rules will be used for. Selecting Global will apply the configuration to all Stations in the Station Group.
- Minimum Length - Specify the minimum character length (number) that a user password can be.
- Maximum Length - Enter the maximum character length (number) that a user password cannot exceed.
- Maximum Age (Days) - Enter the maximum number of days that a user can use their password before it must be changed (reset).
- Invalid Attempts Before Lock - Indicates the number of times a wrong password can be attempted before the user account is locked.
- Forgot Password Link Expiration - If a user forgets their password and requests to reset their password, this indicates how long the password reset link will remain active.
- Historical Uniqueness - The number of successive unique passwords the user must use before they can reuse a previous password.
- Prevent Common Words - Utilizes a database of common words used in passwords, e.g. password. When a user attempts to create a new password, the system will validate that the password does not contain any of these common words.
- Password Cannot Match Login ID - Validates that new passwords do not contain the user account login ID in the password.
- Require Uppercase character - Requires that the password contains at least one uppercase character.
- Require Lowercase Character - Requires that the password contains at least one lowercase character.
- Require Number - Requires that the password contains at least one number (0-9).
- Require Special Character - Requires that the password contains at least one of the following special characters ~!@#$%^&*?
- Require Unicode Character - Useful for other language characters.
- Security Question Prompt - Forces the user to answer one of their three account security questions at each login. Can be changed/updated on the User Profile page.
- Device Enrollment - Requires that a user must enroll the device they are accessing Getac Enterprise on to complete the login.
- Device Expiry Days - If 2-factor, remember authentication for the specified number of days.
- Is User Acknowledgeable - If checked, the user must acknowledge a custom agency message after login, e.g. specific IT policies that users must acknowledge when accessing Getac Enterprise. User Acknowledgements and status are recorded in the Acknowledge Users Custom Report.
- Enforce User to Change Password - Requires that a User must periodically change their password (based on Maximum Age setting). No persistent passwords are allowed.
- Save/Cancel - Commit or discard changes by using the Create/Save and Cancel buttons.