Article Details
Id: | 16733 |
Product: | finPOWER Connect |
Type: | NEW |
Version: | 3.03.00 |
Opened: | 04/02/2020 |
Closed: | 14/02/2020 |
Released: | 01/05/2020 |
Job: | J023670 |
User Policies; blank database updated, tooltip added
The User Policy, Password Policy page, a tooltip has been added for Lockout "Defines the number of login attempts within a time period that causes the User to be locked out. The Lockout will be cancelled after the lockout minutes (0 minutes = indefinite)".
In addition the default settings added in a new database for User Policy "G", General were not the current standards.
The following settings have been updated:
- Allow Databases to be opened in Exclusive mode?
- Updated from checked to unchecked.
- Password
- Delay seconds, updated from 2 to 0.1 seconds
- Login Timespan, updated from 10 to 60 minutes
- Lockout updated from 1 to 0 (indefinite) minutes
- Min Length, updated from 4 to 5 characters
- Force Strong Passwords, updated from unchecked to checked
- Event Logging
- Login Succeeded, updated from 1 - Low Severity => 0 - Do Not Log
- Change Password, updated from 2 => 1 - Low Severity
Most importantly the Event Logging for Successful Logins was set to "1 - Low Severity" rather than "0 - Do Not Log". This means the ISAuditLog table can get bloated with successful login records. We suggest you consider changing this setting and purging these logs.