Your Browser is not longer supported

Please use Google Chrome, Mozilla Firefox or Microsoft Edge to view the page correctly
Loading...

{{viewport.spaceProperty.prod}}

Managing passwords

&pagelevel(4)&pagelevel

In the Password management tab you manage the passwords of all defined local accounts.

The passwords of LDAP accounts are only managed on the LDAP server.

The passwords of the local accounts have the attributes Validity time, Warning time, Minimum time, and Inactivity time:

  • During the Validity time, which applies from the last time the password was set, it is possible to log in without restriction.

  • During the Minimum time which is defined by the administrator or security administrator, users with another role cannot change their own password.

  • During the Warning time, a warning is issued that the password will soon no longer be valid. However, it is possible to log in without restrictions.

  • During the Inactivity time, the password is no longer valid, but it is still possible to log in. Directly after a user has logged in, a request to change the password is issued.

  • After the Inactivity time has elapsed, the account is locked. It can be opened again from an(other) administrator resp. security administrator account or, if necessary, by Customer Support.

  • The value -1 for the Inactivity time results in the inactivity time not elapsing.

  • The value 99999 for the Validity time means, in practice, that you need not change the password.

The figure below shows the relationship between these times.

When the SE server is supplied, the following values are predefined for the Validity time, Warning time, Minimum time, and Inactivity time for the standard account admin:

Account

Minimum 
time

Validity 
time

Warning 
time

Inactivity 
time

Comment

admin

0

60

7

-1

The account is never locked, it is always possible to log in with the old password.
The value -1 for the inactivity time means that it never expires.

When you create another local account using the SE Manager, the passwords you specify are initially assigned the following attributes:

Account

Minimum
time

Validity
time

Warning
time

Inactivity
time

<name>

7

60

7

7

The minimum time is not relevant for an administrator resp. security administrator account and the value 0 is therefore displayed for it.

As administrator or security administrator you can disable an account in the password management. You can only log in under this account again if you activate the account.

You can also force a change of password. When you force a change of password for an account which is locked by the system, you permit a one-off login using the previous password.


Displaying password attributes

>

In the tree structure select Authorizations -> Users, Password management tab.

The Password management tab displays the defined local accounts with their password attributes.

Changing passwords or password attributes

For users who are not an administrator or security administrator, the functionality is restricted to their own account: They can change their own password if it has not yet expired and the minimum time between two changes has been reached.
Only an administrator or security administrator can change password attributes.

>

Click the Change icon for the required account and change the properties as required. In configurations with multiple MUs, the password attributes of the account are changed on all MUs.