Enhanced User Security

Owned by Yeok Hong Ng
Last updated: Jul 31, 2024 by Chee Hove Teng
1 min read

The user security can be enhanced by keeping the property install.security as true in install.xml before installation.  After the installation, property mz.security.user.control.enabled would be set to true in platform.conf.  Use STR to view platform configuration.

If mz.security.user.control.enabled set to true after installation, all users are required to change the password during their first login after the property has take effect. If an admin should reset the password for a user, the user will also be required to change password when they re-login.

Password Rules

If enhanced user security is enabled, the default password rules are:

  1. The password must:

    • Be at least eight characters long.

    • Include at least one special character and one that is either a number or a capital letter.

    • new user will have to reset password on first time login.

  2. The password must not:

    • Contain more than two identical characters in an uninterrupted sequence. Such as "aaa".

    • Include the username.

    • Be in alphabetical sequence, such as Abcd.

    • Be in numerical sequences, such as 1234.

    • Be in any US keyboard pattern, such as Qwerty.

    • Contain any whitespace.

    • Be identical to any of the recent twelve (minimum) passwords used for the user ID.

Info!

Repetitive characters that are not consecutively sequenced are still valid. Such as "adadad".

Other Password Rules

If you have a custom password policy that you will want to include with the default policies listed above, you can modify or add new password rules with the Platform properties that are stated in the section Enhanced User Security Platform Properties of the Platform Properties.