Version 2021
Account Policies panel
Admin users can modify account policies via the Account Policies panel. This panel includes password policies, account lockout policy, and OTP configurations.
Password Policies
Minimum Password Length The minimum password length.
Maximum Password Length The maximum password length.
Enforce Password History Count Define how often an old password can be reused. For example, 1 means new password cannot be the same as the last password.
Allowed Special Symbols Define a special symbols list.
Require special symbols defined above Flag to check that the password contains at least one symbol defined in Allowed Special Symbols.
Require numbers Flag to check that the password contains at least one number.
Require alphabetic letter Flag to check that the password contains at least one English character from a to z or A to Z
Require lowercase letter Flag to check that the password contains at least one lowercase English character from a to z
Require uppercase letter Flag to check that the password contains at least one lowercase English character from A to Z
Check allowed characters... Flag to check that the password contains the previously defined required characters previously defined, including 0-9, a-z, A-Z and Allowed Special Symbols.
Account Lockout Policy
Admin users can modify the account lockout policy in the Account Lockout Policy section. It defines how Identity Server locks our users when they enter the wrong password.
If the user fails to log in the number of times specified in Account lockout threshold or in the number seconds specified in Account location duration, that user's account is locked for the number of seconds specified in Reset account lockout counter after.
OTP Configurations
Admin users can modify OTP configurations in the OTP Configurations section. It defines the configuration of a one-time password sent out by Identity Server.
OTP Code Length The length of OTP code. The default value is 6.
Session expires after The lifespan of a session after it is generated.
OTP send to email expires after The lifespan of an OTP code once it is generated and sent to a email address.
OTP send to mobile expires after The lifespan of an OTP code once it is generated and sent to a mobile phone.
OTP send to vehicle expires after The lifespan of an OTP code once it is generated and sent to a vehicle.