The following table describes the settings.
|
|
|
Setting
|
Possible Values
|
Usage
|
Sign-in Policy Information
|
Company Sign In ID
|
Text box
|
Is a unique identifier for your company. When creating new users this identifier will be the first portion of the User Sign In Id (Company Sign-in ID) for the user. When new users are created and the Default User ID Type is Company Sign-in ID, the Company Domain part of the user ID is prepopulated with this value. This setting can also be accessed from the Company Profile page.
|
Maximum Number of Current Password Attempts
|
Number between 1 and 3
|
The number of times that a user can try to enter the current password. If the user is entering the current password at the login screen when the number of attempts is reached, then the user is locked out from Oracle CRM On Demand. The Sign In Lockout Duration field value determines how many attempts are allowed. However, if the user is entering the current password from within Oracle CRM On Demand, or if the user is updating the password, and if the maximum number of current password attempts is reached, then the user’s session is terminated. The user is not locked out from Oracle CRM On Demand, and the maximum number of current password attempts is still available at the login screen before Oracle CRM On Demand applies the value set in the Sign In Lockout Duration field.
The default value for existing and new customers is 3.
|
Sign In Lockout Duration
|
15, 30, 60 minutes or Forever
|
The length of time that the user's account is locked.
|
Maximum Session Duration in Hours
|
0-9999 hours
|
The length of time that a user’s active session can last before the user is asked to reenter his login credentials. This field accepts positive integers from zero (0) through 9999.
To view your default value for this setting, go to the Sign In and Password Policies page in Company Administration .
When using Oracle CRM On Demand, you must reenter your login credentials when the active session reaches its maximum duration.
When using Web services and the active session times out, the Web Services client must reauthenticate to continue using Web services.
|
Password Control Information
|
Expire User Passwords In
|
30 days, 60 days, 90 days, 180 days, One Year, Never expires
|
The length of time that a user's password is valid. After this period has elapsed, the user is forced to change the password.
|
Days Before Password Expiry Warning
|
This value can be blank, or it can be a number greater than 0 and less than the number of days specified by the option selected in the Expire User Passwords In field. If you select the One Year option in the Expire User Passwords In field, then the value that you enter in the Days Before Password Expiry Warning field can be a number between 1 and 364, or you can leave the field blank.
|
This setting indicates how many days prior to a user’s password expiring Oracle CRM On Demand sends a notification email to the user. It is recommended that you enter a value of no less than 2, and you might want to specify a greater number of days to allow adequate time for the user to update the password. If you enter no value in this field, then no notification email is sent to the user.
NOTE: If you select the Never expires option in the Expire User Passwords In field, then the Days Before Password Expiry Warning field is read-only.
|
Minimum Password Length
|
Number between 6 and 10
|
The minimum number of characters that can be used for a password.
|
Maximum Number of Password Changes
|
Number between 1 and 20
|
The maximum number of times that a user's password can be changed as specified in the Password Change Limit Window setting. If a user attempts to change a password more than the specified number of times, the change is not allowed.
NOTE: Oracle CRM On Demand does not implement this password policy if your user authenticates using a Single Sign-On ID.
|
Password Change Limit Window
|
Number of days (from 1 to 7)
|
The period during which the Maximum Number of Password Changes setting applies.
|
Complexity Level of Passwords
|
3 or 4
|
The number of character classes that must be satisfied in the user passwords from the following four categories:
- Uppercase characters (A...Z)
- Lowercase characters (a...z)
- Numeric characters (0, 1, 2...9)
- Nonalphanumeric characters (!,$,#,%)
|
Enforce Password Policy On Logon
|
Check box
|
If the check box is selected, then a password policy check is enabled when users sign in to Oracle CRM On Demand. This policy check ensures that the user's password complies with the Minimum Password Length and Complexity Level of Passwords settings in Oracle CRM On Demand.
|
Number Of Last Passwords To Prevent User From Reusing
|
Number between 0 and 10
|
The number of previously used passwords that the user cannot reuse in Oracle CRM On Demand.
The default value for new companies is 3. The default value for existing companies is 1 or 0 if the following conditions are met:
- The New Password Must Be Different Than Your Old Password setting is selected.
- The Number Of Last Passwords To Prevent User From Reusing setting is deselected.
|
Authentication Information
|
Number Of Security Questions To Be Completed
|
Number between 0 and 8
|
This setting determines how many security questions and answers a user must set up. The user's questions and answers are stored for future use.
NOTE: Users set up their security questions when they sign in to Oracle CRM On Demand for the first time. Users can also change their security questions at any time. For more information, see Setting Up Your Security Questions.
When users reset their password from the Can't Access Your Account? link on the Oracle CRM On Demand sign-in page, they must answer a certain number of the security questions that they set up.
NOTE: If a user forgets his password when this value is set to zero (0), then the user must request the administrator to reset his password.
You can specify that users must set up a larger number of questions than the number they are required to answer when resetting a password. A random selection of the questions the user sets up is displayed to authenticate the user when resetting the password.
|
Number Of Security Questions To Be Answered
|
Number between 0 and 8
|
This setting determines the number of security questions that a user must answer when resetting a password from the Can't Access Your Account? link on the Oracle CRM On Demand sign-in page. When the user submits the request to reset the password, the user receives an email, shortly afterwards, with a link to a temporary page.
On the temporary page, the user must answer the number of security questions specified in this setting before the password can be reset.
The value in this field must be less than or equal to the value in the Number of Security Questions to be Completed field, because the user cannot be required to answer more questions than the user has set up.
|
Number Of Days Temporary Sign In Is Valid
|
Number of days (1 to 14)
|
This setting determines the number of days that a temporary sign-in password is valid. An email with temporary sign-in information is typically sent when a new user is added, or when the company administrator or Customer Care resets the user's password.
|
Number Of Temporary Password Sign In Attempts
|
Number of attempts (1 to 14)
|
The total number of sign-in attempts allowed using a temporary sign-in password. If this value is exceeded, the user's temporary sign in information becomes invalid, and the user must have the password reset again.
|
Additional Information
|
Allow Users To Change User ID
|
Check box
|
If the check box is selected, users who edit their User Profile can change their User ID. If the feature is not enabled, only the company administrator can change the user IDs.
|
Allow Users To Change Email Address
|
Check box
|
If this check box is selected, then users who edit their user profile can change their email address. If this feature is not enabled, then only the company administrator can change the email addresses.
|
Concurrent Session Option
|
Allow with Notification, Allow without Notification, and Prevent and Terminate Existing
|
This setting allows you to manage how Oracle CRM On Demand handles concurrent sessions while using your login credentials.
The option, Allow with Notification, allows you to engage in concurrent sessions. However, Oracle CRM On Demand notifies you that another session is in progress, using the same account details. Oracle CRM On Demand also provides notification to the user on the other session.
The option, Allow without Notification, allows you to engage in concurrent sessions. However, Oracle CRM On Demand does not notify either user that the other session is in progress.
The option, Prevent and Terminate Existing, closes the first and existing session, leaving the second and new session in progress. Users of both sessions are notified of the actions.
|
