Account Policies and Password Expiration

For enhanced security, you might want to implement the following account policies. Account policies are functions of your authentication service. If you want to implement account policies, then you are responsible for setting them up through administration features provided by the authentication service vendor.

• Password syntax rules, such as minimum password length.

  When creating or changing passwords, minimum length requirements and other syntax rules defined in the external directory are enforced by the Siebel application.

• An account lockout after a specified number of failed attempts to log in.

  Account lockout protects against password guessing attacks. Siebel Business Applications support lockout conditions for accounts that have been disabled by the external directory.

• Password expiration after a specified period of time.

  The external directory can be configured to expire passwords and warn users that passwords are about to expire. Password expiration warnings issued by the external directory are recognized by Siebel Business Applications and users are notified to change their passwords.