Internal Password
Table of Contents
1 Functionality
Usually the user name and its password required for authentication are stored in the operating system (Windows, Active Directory) or in the database management system (MS SQL Server, ORACLE). When using internal passwords user name and password are stored in a table of the IDL.KONSIS.FORECAST database. Then the password is stored as a hash value which is composed out of the password and a random string (salt). The authentication method IDL-User is activated by choosing Auth: IDL-User in the configuration program of the IDL.KONSIS.FORECAST Application Server.
2 Configuration
For every user with login using an internal password there must be an entry in the USE application. There the field PW-Reset should be set to "A" providing that the user is prompted to change his password on the first login.
Application USEE
If no user with an internal password is existing yet the authentication method DB-User has to be used for the first login to define a password e.g. for the user idladmin.
3 Password Policies
Password settings:
- PW length: The length of the password has a minimum of 8 and a maximum of 16 characters.
- PW-Reset: 'A' = The administrator (key user; member of the group IDLADMIN or IDLSYS) assigns a start password. The start password has to be entered by the user at his next login to IDL.KONSIS.FORECAST. Now the message appears that the password has expired. Then the user is prompted to modify his password in the extended dialogue. 'U' = The password had been reset by the administrator. The user logs in with his old password. Now the message appears that the password has expired. Then the user is prompted to modify his password in the extended dialogue.
- Interval: Password expires after a given number of days and has to be modified.
- ChgInterval: Period of validity of the password in number of days
You can set the following policies for password complexity:
- PW-legth: minimal length 7, max length 16 characters
- Ident.Char: no more than 3 equals chars
- Seq.Alpha: no Alphabetical-Sequence allowed (abcdefg)
- Seq.Num.: no Numeric-Sequence allowed (123)
- Seq.Keyb.: no Keyboard-Sequence allowed (qwertyui)
- min. 1 num: must contain at least one numerical character
- min. 1 spec: must contain at least one special character
- min. 1 lowC: must contain at least one lower case character
- min. 1 uppC: must contain at least one upper case character
4 Change Password
If the password has expired this will be reported at the next login attempt. For the purpose to modify the password a new password has to be entered in the New password and Confirm password fields of the extended login dialogue.
Login Dialogue