Configuring enhanced authentication

Enhanced authentication provides an additional layer of security compared to the default authentication type, allowing you to disable users automatically after a certain number of unsuccessful login attempts or to set a password expiry interval. For maximum security, you should always opt for enhanced authentication instead of the default authentication type.

Procedure

  1. In WorldServer, go to Management > Administration > Authentication.
  2. In the Authentication Type list, select Enhanced.
  3. Under Enhanced Authentication Configuration, do the following:
    1. Select the User must change password on first login check box if you want users to change their password when they log in to WorldServer for the first time.
    2. In the Disable user after consecutive unsuccessful login attempts box, specify how many unsuccessful login attempts you want users to have before the system automatically disables them.
    3. In the Password expires after (days) box, specify how many days each user's password is valid.
    4. In the Before password expiration, warn user at login (days) box, specify how many days in advance should the system inform users that their password is about to expire.
    5. In the Allow password reuse after (days) box, specify how many days can pass before users can reuse previous passwords.
  4. Select Save.