Skip to main content
Skip table of contents

Define password policies

Define password and login rules for the censhare Server. Configure the server actions to send new passwords.

Prerequisites

The password security settings only apply to regular users and via the internal standard login method. External login methods (for example SAML SSO), and system users bypass these settings!

Introduction

In the password security settings of the censhare Server you can customize the password rules for users that access the censhare Server via censhare Web and the censhare Client.

Server configuration

To configure password rules and expiry, open the censhare Admin Client and open the Configuration/Server/General configuration.

Allowed login attempts

In the General configuration, go to the User accounting section:

FieldDescription
LoginsEnter the number of login attempts of users before their account is locked. Default is 3.

Password expiry and password rules

In the General  configuration, go to  the Passwords  section.

FieldDescription
Password expires inEnter the number of login attempts of users before their account is locked. Default is 365 days.
Temp. password expires inDefine, in which period new users must change their temporary password. Temporary passwords are generated automatically. Default is 7 days.
Temp. password lengthDefine the length of temporary passwords. Temporary passwords are generated automatically. Default is 10 characters.
Empty password expires inEmpty passwords were allowed in earlier censhare versions (until 2020.3). As of censhare 2021.1, empty passwords are no longer allowed, and users must set a password. This field defines the period in which users with an empty password must set their password. Default is 1 day.
DescriptionEnter the generic part of the error message that displays if a user enters an invalid password. This error message is combined with the specific error message below. Default is Password does not meet the security guidelines: 
Password rules - you can add multiple regular expressions that apply if users set their password. For each regular expression you can enter an error message that explains the respective rule. This message displays together with the generic error message above  if a user enters an invalid password. The following rules are the default configuration. You can customize them, delete them or add new rules.
Regular expression.{8,}
Error messagePassword is too short. It must consist of 8 or more characters.
Regular expression.*\p{Upper}.*
Error messagePassword must contain at least one uppercase character.
Regular expression.*\p{Lower}.*
Error messagePassword must contain at least one lowercase character.
Regular expression.*(\d|\p{Punct}).*
Error messagePassword must contain at least one digit or special character.

To remove a rule, click the trash. To add a new rule, click +.

To develop and test your custom rules, use a regular expression tool, for example RegExr.

Result

  • Temporary password is applied to new users with automatically generated passwords.
  • Password rules apply if users set their password in censhare Web or the censhare Client.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.