The Authentication configuration enables you to set minimum requirements for
password-based user authentication on a device. You can apply this configuration
when:
Password |
Enter an administrator password for the device that turns off security features such
as Lockdown or Application Run Control. |
Revert to User Mode |
Enable this option to automatically switch from Administrator
mode to User mode after a specified timeouttime. Use the slider
to set the interval between 5 and 120 minutes, with a default
setting of 30 minutes. |
Restrict Administrator Password Attempts |
Restrict the number of password attempts a user can make for
an administrator account before enforcing a lockout. Specify the
number of wrong password attempts allowed before the account is
temporarily locked. Set the duration of the account lockout once
the user reaches the maximum number of password
attempts. |
Device User Password Policy
Turn on User Password Policy to set complexity requirements and other password policies for the device user.
Note: You must specify a device administrator password before you can configure a user password policy.
Minimum Complexity
Password Quality |
Select the minimum password quality. Password quality options listed are in order of
security strength, from least to most secure. Device users can use
any password type option that is more secure than the selected
minimum.
- Biometric (for example: fingerprint, face recognition, iris
recognition)
- Pattern
- PIN
- Alphabetic
- Alphanumeric
|
Password/PIN Length |
Set the minimum password or PIN length. |
Complex Characters |
Set the minimum number of complex (non-alphanumeric) characters required. |
History
Maximum Password Age |
Toggle on Maximum Password Age to enter
the number of days before prompting a user to enter a new
password. |
Unique Passwords Before Reuse |
Toggle on Unique Passwords Before Reuse to
select the number of unique passwords a user must set before reusing
an earlier password. |
Policy
Screen Timeout |
Toggle on Screen Timeout to set a maximum inactive time before
the screen locks. |
Device Authentication Wipe Policy |
Toggle on Device Authentication Wipe Policy to set a maximum
limit on entering incorrect passwords before a device is
automatically wiped. |
Common Access Card (CAC) Authentication |
Select this option to use Common Access Card (CAC) authentication. |