Siebel Security Guide > User Administration > Managing Forgotten Passwords >

Defining Password Length for System-Generated Passwords

This topic describes how to configure the length of passwords generated by Siebel Business Applications for users who had previously self-registered but who have forgotten their password. For information on the forgotten password feature, see Managing Forgotten Passwords and User Experience for a Forgotten Password.

When a user requests a new password using the Forgot Your Password feature, the User Registration business service invokes the SetRandomPassword method to create the new password. The SetRandomPassword method uses the rand() method to generate a password that is composed of randomly selected alphanumeric characters (the alphabetic characters a to z, and the numerals 0 to 9). The generated password does not contain special characters.

To ensure that generated passwords conform to your company's policy on password length, you can specify minimum and maximum character lengths for passwords by adding two user properties to the User Registration business service in Siebel Tools. These user properties are RandPassMinLength and RandPassMaxLength. The User Registration business service method, SetRandomPassword, uses the values of these two user properties when it is invoked.

To define minimum and maximum values for password length

1. Open Siebel Tools and, in the Object Explorer, click Business Service.

   The Business Services list appears.

2. In the Business Services list, query or scroll to select the User Registration business service.
3. From the Tools menu, select the Lock Project menu item.
4. In the Object Explorer, click Business Service User Props.

   The Business Service User Props list appears.

5. Right-click in the Business Service User Props list and select New Record from the displayed context menu.

   A new record field appears.

6. Complete the fields for the new record, as shown in the following table.

   In this field...	Enter...
   Name	RandPassMinLength
   Value	Enter the minimum number of characters that your company's password policy states a password must contain. The default value is 5.

   This defines the minimum number of characters that a password can contain.

7. Step off the record to save changes.
8. Repeat Step 5, Step 6, and Step 7 with modifications for

   In this field...	Enter...
   Name	RandPassMaxLength
   Value	Enter the maximum number of characters that your company's password policy states a password must contain. The default value is 15.

   Step 6, as shown in the following table.

   This defines the maximum number of characters that a password can contain.

9. Recompile the Siebel repository file, and unlock the User Registration project.