Password policy

Here you activate and configure settings regarding password policy for users in the company.

Force password

Here you decide if it should be mandatory for all new users in the company to use a password. If you check this box, the following settings will become available.

For new users you register in the Users procedure, this means that you have to enter a password for the user, complying with the settings regarding length and complexity below.

In order to force existing users to apply passwords, you can in the Users procedure activate the Require password change on next login setting. With this setting activated, the user will be forced to change password next time he/she logs in to Monitor ERP.

Existing users who have a password entered can also be prompted/forced to change password by applying the Password expiration setting below. This setting means that the users must enter a new password before the password has expired. Please note! Users that do not have a password will not be affected of the Password expiration setting, that is, a user without a password cannot be forced to update/enter a new password within a set time.

There is a built-in block which prevents users from entering their old password as new password when they change the password.

There is also a protection function against so-called brute force attacks on passwords with purpose to gain access to the user’s accounts. If an incorrect password is entered six times in a row, a waiting time is activated. That is, 30 seconds must pass before you can enter the password again.

Password change required at first login for new users

With this setting you decide if new users have to enter a new password at the time of their first login.

Password expiration

Here you enter for how long passwords should be valid before they have to be changed. The default option here is 90 days. If this setting is not activated, the passwords will apply until further notice.

Minimum password length

With this setting you decide the minimum length of new passwords created by users. The default value here is 12 characters.

Required password complexity

Here you decide how complex the passwords must be. You can choose that the passwords must contain either – or a combination of – CAPITAL/lower-case letters, Digits, and Special characters. By default, none of the complexity options are checked. This means the users can use any characters in their passwords.