Previous Topic

Book Contents

Book Index

Next Topic
Password Settings

Password settings are used to control how the change of Valuemation Logon Password is handled.

  • Warning Days

    This is the number of days before the required change of password. From this point onwards, the user will be reminded that his password is about to expire so that he has time to prepare a new password.

  • Free logins

    Once the Password has expired, the user has a limited number of free or grace logins, where the old password will be accepted. After that, he cannot start Valuemation until he enters a new password.

Password complexity options

  • Password is case sensitive

    Choose whether filtering will be case sensitive. Case sensitive: capital vs lower-case letters taken into account. Case insensitive: capital vs lower-case letters not taken into account.

  • Password must include several kinds of characters

    If selected, the password must include at least one character from at least 3 of the following classes to be valid: letters, digits, punctuations or others.

  • Password must not contain username

    If selected, the password must not contain the user ID.

  • Minimum password length

    Sets the minimum length required for the password to be valid.

  • Minimum number of special characters

    Sets the minimum required count of special characters.

  • Minimum number of letters

    Sets the minimum required count of letters.

  • Minimum number of capital letters

    Sets the minimum required count of capital letters.

  • Maximum sequence of trivial characters

    If selected, the password must not contain:

    • Any sequence of letters in alphabetic order
    • Any sequence of characters located side by side on the keyboard
    • Any sequence of ordered digits
    • Any sequence of duplicated characters

    ...of the specified length.

  • Minimum password age

    Valid password must differ from the password used by the user in the last specified number of days.

Special settings for all users

  • Check password complexity for all users

    It is possible to set the password complexity check globally for all users. Otherwise just the users with the 'Enable Password Complexity Check' option in the User Manager will be checked.

Note: Secure Password Hashing and Storage

Valuemation 4.1 and newer uses the "SHA-256" method for password hashing. There is no need to change anything if upgrading to a newer valuemation version. The password automatically converts from the old MD5 method to the new one. The source string for the hashing algorithm "SHA-256" is random salt and userId and static salt and password.

Database storage:

  • AMT_S3USER.HASH - internal number of the used method - 0 for the old method "MD5", 1 for the new method "SHA-256"
  • AMT_S3USER.CRYPTEDPASSWORD - string with hexadecimal code of the password hash - <MD5 encrypted password> or <random salt>:<SHA-256 source string hash>

See Also

General

Basic Settings

Search

Business Keys

Customizer Settings

Validation Settings

Help

Application Monitoring

Date, Time and Time Zones

Authentication

Web Server

Web Client

Bookmarks

News

Toast Message