Configure Cherwell Credential Settings (User/Customer Password Rules)
Use the Cherwell Credentials page in the Security Settings window (in CSM Administrator) to configure the following User/Customer password enforcement rules:
- Complexity
- Character length
The maximum password length is 200 characters.
- Reset
- Lockout
Password resets should only be configured if (1) the User/Customer has security rights to change their password and (2) the system administrator has not prevented the User/Customer from changing their password in their User Profile/Customer Credentials. Individual Customer and User password settings can override some of these settings, if needed. User password settings are defined in the User Profile (CSM Administrator>Security category>Edit Users task); Customer password settings are defined in the Customer Credentials window (CSM Desktop Client>Customer>Portal Settings).
To configure User/Customer password enforcement rules:
- In the CSM Administrator main window, click the Security category, and then click the Edit Security Settings task.
- Click the Cherwell Credentials page.
![Security Settings [variable here] Credentials](../cross_product_information_bundle/images/security_settings_cherwell_credentials_thumb_0_128.png)
- Configure enforcement rules for User and Customer credentials:
The settings selected apply to individual User/Customer account creation, individual User/Customer password changes, and batch generated User/Custer credentials.
- Enforce Windows complexity rules: Select this check box to require that the password be complex (six (6) characters, a combination of at least three (3) of the following: uppercase letters, lowercase letters, numbers, symbols/punctuation marks, and cannot contain the User's/Customer's login ID).
If Enforce Windows complexity rules is selected, the minimum number of characters must be at least six (6).
- Enforce minimum password length: Select this check box to require that a minimum number of characters be in a password. Then, select the minimum number of characters.
- Enforce maximum password age: Select this check box to require a password reset every x days. Then, schedule the reset by selecting the number of days between resets.
- Days before required password change to warn customers: Select this check box to warn Users/Customers ahead of time that a password reset is required. Then, select how many days in advance to send the warning. Users/Customers receive daily warnings of the impending reset when they log in.
- Lockout Customers After X Failed Login Attempts: Specify the number of times Users/Customers can attempt to login using the incorrect credentials before CSM locks them out of the system.
- Enforce Windows complexity rules: Select this check box to require that the password be complex (six (6) characters, a combination of at least three (3) of the following: uppercase letters, lowercase letters, numbers, symbols/punctuation marks, and cannot contain the User's/Customer's login ID).
-
Select OK.
![Security Settings [variable here] Credentials](../cross_product_information_bundle/images/security_settings_cherwell_credentials.png)