Security Control Enhancement
|Category:||Core & System|
Provide configuration options for the following:
- Prevent reuse of user identifiers
- Disable / lock inactive user accounts. Manual lock feature required as an option
- Enable Passwords complexity
- Require a minimum length of at least seven characters.
- Contain both numeric and alphabetic characters.
- Alternatively, the passwords/ passphrases must have complexity and strength at least equivalent to the parameters specified above.
- Require a configurable number of changed characters when new passwords are created
- Passwords maximum lifetime restriction
- Ex: Change user passwords/passphrases at least once every 90 days.
- Passwords minimum lifetime restriction
- Passwords history enforcement
- Do not allow an individual to submit a new password/passphrase that is the same as any of the last four passwords/passphrases he or she has used.
- Automatic disconnect of sessions after a specified period of inactivity
- Limit the number of incorrect password attempts by automatically locking out accounts. Manual unlock feature required as an option
- View current users' sessions. Concurrent sessions control management