Once the quality parameters have been set, any future passwords are automatically checked against these parameters to determine the password’s level of acceptability.
If the token was initialized in early RTE versions, no password policy is stored on the token.
The password quality parameters are:
Minimum password length (characters): default is 6 characters.
Maximum password usage period (days): in days; default is 0 = none
Minimum usage period (days): default is 0 days
Password expiration warning period (days): defines the number of days before the password expires that a warning message is shown; default is 0 = none
Password history size: defines the size for password history.
Maximum character repetitions in a password: defines number of times a character can be repeated in the password. Default is 3.
The Password must comply with the complexity rules: Determines if the complexity requirements are required in the token password.
At Least 3 rules: Complexity requirements are enforced
None: Complexity requirements are not enforced
Manual: Complexity requirements, as set manually in the Manual Complexity Rules, are enforced (Default)
Manual Complexity Rules: For each of the character types (Numerals, Upper-case letters, Lower-case letters and Special Characters) select one of the following options:
Permitted: Can be included in the password, but is not mandatory (Default).
Mandatory: Must be included in the password.
Forbidden: Must not be included in the password.
In addition to the above password quality parameters that may also be set per token, two global parameters are set:
Allow password quality configuration on token after initialization: defines whether the password quality parameters may be changed after initialization. This field is selected by default.
Allow only an administrator to configure password quality on token: defines whether the password quality parameters may be changed after initialization by the administrator, and not by the user only. This field is selected by default.
Note: If Allow password quality configuration on token after initialization is unchecked, the Allow only an administrator to configure password quality on token parameter is deactivated.