Session Timeout (minutes)

The number of minutes a user’s logged in session remains active. A logged-in user’s session is timed-out if the inactivity time is greater than the timeout value. The timeout value can be changed.

The default is 10 minutes.

Enter an integer between 5 and 60.

Failed Login Alarm Threshold (attempts)

The number of attempts users get to successfully log in to the system before the system raises an alarm. This value is usually the same as the Failed Login Lockout Threshold (attempts).

The default is 3.

Enter an integer between 0 and 100.

Maximum Concurrent Sessions

The maximum number of concurrent logged-in active sessions allowed for the system.

The default is 0. This implies there is no limitation on the number of concurrent logged in active sessions.

Enter an integer between 0 and 6000.

Maximum Concurrent Sessions Per User

The maximum number of concurrent logged-in active sessions allowed for a user.

The default is 0. This implies there is no limitation on the number of concurrent logged in active sessions for any user.

Enter an integer between 0 and 600

Account Lockout Settings

Failed Login Lockout Threshold (attempts)

The number of attempts users get to successfully log in to the system. If they exceed this number of attempts, they are locked out of the system and cannot log in until the amount of time designated in the Failed Login Lockout Duration field has passed.

The default is 3.

Enter an integer between 0 and 100.

Failed Login Lockout Duration (minutes)

The amount of time, in minutes, to lock out users who do not successfully log in within the number of attempts defined in the Failed Login Lockout Threshold field. If a user is locked out because of repeated unsuccessful login attempts, then that user cannot attempt to log in again until this amount of time has passed.

The default is 10.

The valid range is between 0 and 1440.

• 0 - Do not lock.

• -1 - Indefinite user lock out. The user remains locked until the administrator manually unlocks the user.

Inactivity Lockout Threshold (days)

The number of days to wait until Experience Portal should consider the account inactive and lock it out of the system.

The inactivity counter:

• Is reset to 0 each time a user logs in.

• Starts counting as soon as a new account is created. Therefore, you could have an account locked out for inactivity before the first login attempt is made.

• Is reset to 0 if a user manager unlocks the account, either for inactivity or for exceeding the number of failed login attempts.

The default is 0, which means that accounts are never locked out regardless of how much time passes between logins.

Enter an integer between 0 and 365.

Failed Login Lockout Message

The system displays the message on the login page instead of the regular login error message.

This field is optional and the maximum length is of 120 characters. The following special characters are not allowed in this field:

• &

• <

• >

Password Settings

Minimum Password Length (characters)

The minimum number of characters users must use in setting their passwords.

The default is 8 characters.

The length of the password must be between 4 characters and 256 characters.

Mix of Letters and Numbers

Select this option if the new password must consist of a mix of letters and numbers.

This is the default selection.

Minimum Number of Each Character Type

Select this option if the new password must include a minimum number of each of the following character types:

• Uppercase Letters: The minimum number of uppercase letters that the user must use in the new password. Enter an integer from 0 - 256, where 0 means uppercase letters are not required.

• Lowercase Letters: The minimum number of lowercase letters that the user must use in the new password. Enter an integer from 0 - 256, where 0 means lowercase letters are not required.

• Numbers: The minimum number of numbers that the user must use in the new password. Enter an integer from 0 - 256, where 0 means numbers are not required.

• Special Characters: The minimum number of special characters that the user must use in the new password Enter an integer from 0 - 256, where 0 means special characters are not required.

  The new password can contain these special characters: ! @ # $ % ^ & * ( ) - + [ ].

Enforce No Repeated and Sequential Characters

The option to enforce the new password to contain not more than three repeated or sequential letters or numbers.

For example, abcdefgh, 12345678, and bbbbb.

By default, this option is selected.

Password Longevity (days)

The number of days for which a given password is valid. After this amount of time has passed, the user is required to change the password.

The default is 60.

Enter an integer between 0 and 365, where 0 means that passwords never expire.

Password Expiration Warning (days)

The maximum number of days before a user password expires when Experience Portal displays a message to warn the user that they need to change their password. Once this time limit has been reached, Experience Portal will display the warning message every time the user logs in until they have changed their password.

The default is 10.

Enter an integer between 1 and 30.

Maximum Password Changes in 24 Hours

The maximum password changes allowed within a 24 hour time period.

The default is 3.

Enter an integer between 0 and 24. The value 0 implies unlimited.

Maximum Password History

Determines the number of unique new passwords that are associated with a user account before an old password can be reused.

The default is 12.

Enter an integer between 0 and 12.

LDAP Settings

Opens the LDAP Settings page.

OS User Settings

Opens the OS User Settings page.

System Manager Settings

Opens the System Manager Settings page.

Keycloak Settings

Opens the Keycloak Settings page.