Setting Up Password Validation - trillium_discovery - trillium_quality - 17.1

Password rules apply only to Trillium-authenticated users and not to Windows-authenticated users.

By default, there are no password validation rules. Users can create a password of any size and character combination and the password never expires. However, the repository administrator can establish the following rules:

• Length of time the password is valid

• Validity of reusing old passwords

• Valid and invalid password combinations

To edit password properties

1. Log in to the Repository Manager.

2. On the Home tab, click Password Properties or from the Navigation View, right-click Users and select Edit Password Properties from the drop-down menu. The Password Properties window opens.

   

3. In Invalidate user password, select the number of days after which the password expires. The default is 0, which means the password never expires.

4. In Number of unrepeatable old passwords, enter the number of recent passwords that cannot be repeated. Setting a value of 2, for example, forces the user to create a new password at least three times before he is able to recycle. By default, the user can reuse the same password every time.

5. In Valid Password regular expression and in Invalid Password regular expression, enter the expression defining the restrictions on the password length and composition. Leave the fields blank if you do not want to impose any constraints on the passwords.

   Expressions are enclosed in curly braces and use the following metacharacters:

   ^   Start of string

   $   End of string

   \w   Represents alpha-numerics (a-z, A-Z, 0-9, _)

   The table give below provides several examples of password expressions.

   Table 1. Sample Password Expressions

   Expression Type	Example	Description
   Valid	.{6}	Passwords must be at least 6 characters long.
   	{^\w{5,16}$}	Passwords must be between 5 and 16 characters long and can contain only alphanumeric characters and an underscore. Explanation of expression: Match whole string using the ^ (start) and $ (ending) metacharacters Match alphanumerics, which are represented by the \w metacharacter Match a length of 5 characters minimum and 16 characters maximum: {5,16}
   	{^.*(?=.{10,})(?=.*\d) (?=.*[a-z])(?=.*[A-Z]) (?=.*[@#$%^&+=]).*$}	Passwords must be at least 10 characters long and contain at least one lowercase letter, one uppercase letter, one digit, and one special character. Explanation of expression: Match whole string using the ^ (start) and $ (ending) metacharacters Match a length of at least 10 characters: (?=.{10,}) Match at least one digit: (?=.*\d) Match as least one lowercase letter: (?=.*[a-z]) Match as least one uppercase letter: (?=.*[A-Z]) Match as least one of the following special characters: (?=.*[@#$%^&+=])
   Invalid	.{9}	Passwords cannot exceed eight characters in length.
   	{^[a-zA-Z]*$}+	Passwords that contain only alphabetic characters are invalid. In other words, passwords must contain at least one number or special character.

6. Click OK to save your changes.