Defining a Password Policy

In environments where PowerDesigner manages user passwords, the repository administrator is responsible for defining a password policy to ensure that passwords are sufficiently secure and are changed at appropriate intervals.

Context

Note: The password policy governs only users who are not managed by LDAP (see Creating Externally-Authenticated Repository Users) or single sign-on (see Enabling Single Sign-On for PowerDesigner Web).

Procedure

  1. From the homepage, click Administration > Settings > Password Policy and click the Edit tool.
  2. Select policy settings as appropriate:
    | Setting | Description |
    |---|---|
    | Password length | Specifies the minimum and maximum permitted length of passwords. This option cannot be disabled. The minimum length for a password is 6 characters. |
    | Password must contain | Specifies that passwords must contain at least one of each of the character types selected. |
    | Disallow reuse of previous <x> passwords | Prevents users from reusing the specified number of old passwords. |
    | Enforce changing of passwords after <x> days | Requires that users change their passwords after the specified number of days. |
    | Block inactive users after <x> days without connection | Blocks users if they try to log in after the specified number of days of inactivity. |
    | Temporarily block users for <x> minutes after <y> failures to log in | Blocks users for the specified number of minutes if they submit an invalid combination of username and password the specified number of times. |
    | Temporary passwords issued by an administrator are valid for <x> days | Specifies the period for which temporary passwords (which are issued when a user is created or unblocked) are valid. Users attempting to use a temporary password after this time will be blocked. |
  3. Click Save to save your changes.
    If your policy becomes more restrictive, users whose passwords are no longer compliant will be instructed to change their password when next they connect.
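
The following added example (not PowerDesigner code) models how the length, character-type, aging, inactivity, lockout and temporary-password settings above could be evaluated together at login, including the re-check after a policy is tightened. All class, field and function names, the default values and the order of the checks are assumptions made for illustration.

```python
import string
from dataclasses import dataclass
from datetime import datetime, timedelta

# Hypothetical model: names and defaults mirror the settings table,
# they are not PowerDesigner identifiers.
@dataclass
class Policy:
    min_len: int = 6
    max_len: int = 32
    required: tuple = ("upper", "lower", "digit")
    max_age_days: int = 90
    inactive_days: int = 60
    lock_minutes: int = 15
    max_failures: int = 5
    temp_valid_days: int = 2

@dataclass
class Account:
    set_at: datetime              # when the current password was set
    last_login: datetime
    temporary: bool = False       # password was issued by an administrator
    failures: int = 0             # consecutive failed logins
    last_failure: datetime = None

CLASSES = {"upper": string.ascii_uppercase, "lower": string.ascii_lowercase,
           "digit": string.digits, "special": string.punctuation}

def violations(pw, p):
    """Rules of policy p that the plaintext password breaks."""
    out = [] if p.min_len <= len(pw) <= p.max_len else ["length"]
    return out + [c for c in p.required if not set(pw) & set(CLASSES[c])]

def on_login(p, a, pw, pw_correct, now):
    """Return 'locked', 'blocked', 'denied', 'must_change' or 'ok'."""
    if a.failures >= p.max_failures:
        if now - a.last_failure < timedelta(minutes=p.lock_minutes):
            return "locked"                   # temporary block still running
        a.failures = 0                        # lock window has elapsed
    if now - a.last_login > timedelta(days=p.inactive_days):
        return "blocked"                      # inactive account
    if a.temporary and now - a.set_at > timedelta(days=p.temp_valid_days):
        return "blocked"                      # temporary password expired
    if not pw_correct:
        a.failures, a.last_failure = a.failures + 1, now
        return "locked" if a.failures >= p.max_failures else "denied"
    a.failures, a.last_login = 0, now
    # The plaintext is only available here, so this is where an existing
    # password can be re-checked against a policy that was tightened.
    if violations(pw, p) or now - a.set_at > timedelta(days=p.max_age_days):
        return "must_change"
    return "ok"
```

In this model a stored password cannot be judged against new length or character rules until its owner next presents it, which is why a tightened policy takes effect per user at the next connection.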