Setting up login requirements
You can use the User Login page to manage the following security settings:
- password expiration and reset defaults
- idle session timeout
- maximum session length
- account lockout period
- allowed failed login attempts
- log out redirection
To set up password requirements, see Setting up password requirements.
To manage user login settings:
- Click Settings .
- Click Security in the Users and Security area.
- Click User Login.
- Configure the general security fields:
- User Password Expiration in Days: The password expiration time frame in days. The default is 120 days. Entering 0 means the password never expires. The maximum that you can set is 365 days.
- Maximum Number of Invalid Login Attempts: The number of failed login attempts that will cause a user account to be locked. The default is five (5). If a user tries five times to log on to the application without success, their account will be locked out from further login attempts.
- Account Lockout Effective Period in Minutes: The value indicated here is in minutes. The default is 5 minutes, meaning the account will be locked for five minutes. If you set this value to 0, accounts will be locked until an administrator manually unlocks them.
- Invalid Login Attempt Reset in Minutes: The number you enter here is in minutes. The default is 5 minutes. The value for this setting determines the number of minutes that must pass before the lockout threshold is reset. For example, if a user tries unsuccessfully to log on to Oracle Eloqua six times, he or she can allow five minutes to elapse, thereby resetting the login attempts counter back to zero. The account lockout threshold will be reset, in this case, five minutes after the last failed attempt. At that point, the user has ten more attempts at logging on. Note that if this value is set to 0, the counter will not be reset and an administrator must be contacted to unlock the account.
- Forgot Password Reset Time in Minutes: The default value for this setting is 720 minutes (12 hours), and sets the number of minutes that must elapse before a user can get a new Forgot Password email.
- Idle Session Timeout in Minutes: The default timeout (in minutes) is 120. This means that after two hours, if a user has been inactive in Oracle Eloqua, the logged on session will expire and the user must log on.
- Maximum Session Length in Hours: The default timeout (in hours) is 12. This means that after twelve hours, the logged on session will expire—regardless of whether a user is active or inactive—and the user must log on.
Log Out Url: This field specifies the page to which users are redirected upon a session timeout or log out. If a URL is not provided, logging out of Oracle Eloqua redirects the user to the Oracle Eloqua login page. This log out URL applies only if the user has logged in using Single Sign-On.
Note: If you set a log out redirect, make sure that the URL is a complete URL.
- Click Save.