Password policies

Administration PageApplication/ContractSyracuse/CollaborationClasspasswordPoliciesRepresentationpasswordPolicy

Introduction

This feature enables you to define a password policy on the signature code in order to ensure the compliance with CFR-21 Part 11 regulations.

The signature code is like a secondary password usable by the corresponding API to control field entry on sensitive information.
This signature code is managed by the SAFE X3 platform. It is used when the main password management is outsourced to authentication providers.
More information about this feature is given in the following document.

A consequence of this feature is that the other password managed by the SAFE X3 platform (the main password used for the database authentication) will also benefit of the password policy.

The password policy must be defined in the Global settings in order to be activated.

Description

The password policies screen includes the following sections:

InformationLengths rangeComplexityBlack-listed passwordsExpiration

Information

Code

This is the name of the password policy.

Lengths range

Minimum password length

Set here the minimum number of characters the password should contain. The shortest length possible is 6 characters.

Maximum password length

Set here the maximum number of characters the password should contain. You can choose a password length up to 128 characters.

Complexity (at least 3 rules have to be checked)

You have to select at least three rules the password must follow among the ones beneath:
- require at least one uppercase letter
- require at least one lowercase letter
- require at least one number
- require at least one non-alphanumeric character

Black-listed passwords

Blacklist file

You can import here a text file with a list of forbidden passwords. In the text file, be careful to write only one password per line.

History of previous password

For security reasons, it is important not to re-create old passwords. You can set here the necessary number of password changes before being able to choose a password already used previously.

Expiration

Expiration period (in days)

Define here the number of days before the password expires. It is also possible to disable the expiration period for a user.

Alert user before password expiration (in days)

Indicate here how many days before the password expires the user is told to change it.