Who this guide is for
System administrators responsible for managing system security policies.
Overview
This guide explains how to configure password requirements and login security settings at the global level to ensure compliance with your organisation's security policies.
How Password Settings Work
Password settings allow administrators to:
- Define complexity requirements (length, character types)
- Control login behaviour (timeouts, password changes)
- Set account lockout thresholds
These settings apply globally to all users in the system.
How to Configure Password Settings
- Navigate to Admin tools > Admin panel > Global > Global settings > Password Settings
- Configure password requirements:
- Set Minimum password length (recommended: 8+ characters)
- Enable checkboxes as needed:
- Password must be mixed case (uppercase + lowercase)
- Password must contain special characters
- Enter Maximum invalid password attempts (recommended: 3-5)
- Configure login options:
- Allow remember me (enables "Remember me" checkbox at login)
- Login timeout (set idle timeout period)
- Allow users to change password
- Force users to change password (set expiration period in days)
- Click Save to apply changes
Additional Information
Key Terminology
- Mixed case: Requires both uppercase (A-Z) and lowercase (a-z) letters
- Special characters: Non-alphanumeric symbols (e.g., !, @, #, $)
- Login timeout: Automatic logout after period of inactivity
Permissions & Prerequisites
- Requires System Admin role
Best Practices
- Use the search function to quickly find Password
- Balance security with usability:
- Minimum 8-character passwords with mixed case
- 90-day password expiration for most organisations
- 30-minute login timeout for shared workstations
- Communicate changes to users before enforcing new requirements
Important Reminders
- Changes apply immediately to all users
- Users may need to reset passwords after new requirements are enabled
- Consider enabling Allow users to change password to reduce admin workload