Version 2021

Edit Password and Authentication Settings

You can view and edit server-level security settings for passwords and authentication.

The ability to view or edit certain settings is determined by a user's privileges. All necessary privileges are included in the Administrator role by default. You must belong to the System Administrators group to use this feature.

  1. Open the Workstation window.
  2. In the Navigation pane, click Environments.
  3. Right-click a connected environment and choose Properties.
  4. Choose Get Info if you are using a Mac.

  5. In the left pane, click Security Settings.

Fields

Password Settings

Security Level Security Level includes the following password settings. It provides four sets of predefined setting values for the administrator to use. These are Default, Low, Medium, and High. Select Customize from the drop-down list to view the following settings for a customized configuration.

  • Lock after (failed attempts) Specify the number of failed login attempts allowed. Once a user has this many failed login attempts in a row, the user is locked out of the MicroStrategy account until an administrator unlocks the account. Setting this value to no limit indicates that users are never locked out of their accounts. The default setting is no limit.
  • Allow user login and full name in password When this option is disabled, Intelligence Server ensures that new passwords do not contain the user's login or part of the user's name. This option is enabled by default.
  • Allow rotating characters from last password When this option is disabled, Intelligence Server prevents users from using a password that is a backwards version of the old password. This option is enabled by default.
  • Minimum password length The minimum password length. The minimum value is 0. The maximum value is 999. The default value is 0.
  • Minimum upper case characters in password The minimum number of upper case (A-Z) characters that mist be present in users' passwords. The default value is 0.
  • Minimum lower case characters in password The minimum number of lower case (a-z) characters that must be present in users' passwords. The default value is 0.
  • Minimum numeric characters in password The minimum number of numeric (0-9) characters that must be present in users' passwords. The default value is 0.
  • Minimum special characters in password The minimum number of non-alphanumeric (symbol) characters that must be present in users' passwords. The default value is 0.
  • Minimum number of character changes in password The minimum number of character changes. The minimum value is 0. The maximum value is 999. The default value is 3.
  • Number of past passwords remembered The number of each user's previous passwords that Intelligence Server stores. Intelligence Server prevents users from using a password that is identical to one they have previously used. The minimum value is 0. The maximum value is 999. The default value is 0.
  • Hash iterations for password encryption Select the number of iterations that a password is hashed. This provides even greater security on top of the algorithm by iteratively hashing the hash a configurable number of times. The minimum value is 1000. The maximum value is 1000000. The default value is 10000.

Authentication Settings

Update pass-through credentials on successful login Select to update or disable updating the user's database credentials, LDAP credentials, on a successful MicroStrategy login.

Use public/private key to sign/verify authentication token Enable this toggle button to use a public or private key to sign or verify a token. This requires the setup of a public or private key. This option is disabled by default.

Token Lifetime (Minutes) The lifetime, in minutes, of the token. The minimum value is 1. The maximum value is 99999. The default value is 1440.

Content Settings

Enable custom HTML and JavaScript content in dossiers Enabling this option allows users with the appropriate access to display third-party Web applications or custom HTML and JavaScript directly in the dossier. This option is enabled by default. Although the ability to display Web applications or custom HTML and JavaScript directly in a dossier is governed by user privileges, MicroStrategy recommends disabling these features to ensure a secure environment.