Configure Cherwell Credential Settings (User/Customer Password Rules)

Use the Cherwell Credentials page in the Security Settings window (in CSM Administrator) to configure the following User/Customer password enforcement rules:

  • Complexity
  • Character length

    The maximum password length is 200 characters.

  • Reset
  • Lockout

    Password resets should only be configured if (1) the User/Customer has security rights to change their password and (2) the system administrator has not prevented the User/Customer from changing their password in their User Profile/Customer Credentials. Individual Customer and User password settings can override some of these settings, if needed. User password settings are defined in the User Profile (CSM Administrator>Security category>Edit Users task); Customer password settings are defined in the Customer Credentials window (CSM Desktop Client>Customer>Portal Settings).

To configure User/Customer password enforcement rules:

  1. In the CSM Administrator main window, click the Security category, and then click the Edit Security Settings task.
  2. Click the Cherwell Credentials page.

    Security Settings [variable here] Credentials

  3. Configure enforcement rules for User and Customer credentials:

    The settings selected apply to individual User/Customer account creation, individual User/Customer password changes, and batch generated User/Custer credentials.

    1. Enforce Windows complexity rules: Select this check box to require that the password be complex (six (6) characters, a combination of at least three (3) of the following: uppercase letters, lowercase letters, numbers, symbols/punctuation marks, and cannot contain the User's/Customer's login ID).

      If Enforce Windows complexity rules is selected, the minimum number of characters must be at least six (6).

    2. Enforce minimum password length: Select this check box to require that a minimum number of characters be in a password. Then, select the minimum number of characters.
    3. Enforce maximum password age: Select this check box to require a password reset every x days. Then, schedule the reset by selecting the number of days between resets.
    4. Days before required password change to warn customers: Select this check box to warn Users/Customers ahead of time that a password reset is required. Then, select how many days in advance to send the warning. Users/Customers receive daily warnings of the impending reset when they log in.
    5. Lockout Customers After X Failed Login Attempts: Specify the number of times Users/Customers can attempt to login using the incorrect credentials before CSM locks them out of the system.
  4. Select OK.