Setting up password expiration with scheduled warnings

You can control when a password expires and how many days before the expiration users are warned.

Notifications that the User Password Management application sends are in English only.

Related topics

Enforcing-restrictions-on-passwords


Important

Change Password link is automatically placed on the Home Page form so users can change their passwords voluntarily. When they click the link, the User Password Change form is opened.

If you enable users to change their passwords directly in the User form instead of the User Password Change form, beware that the password restriction policy default or customized by you is bypassed because the restrictions are enforced through the User Password Change form, not through the User form.

To set up password expiration with scheduled warnings

  1. From the AR System Administration Console, select System > General > Password Management Configuration.
    The User Password Management Configuration form appears.
  2. Complete the following fields in the Enforcement Policy section.
    • Number of Days Before Expiration—Indicates the number of days before a user's password expires if it is not changed.
    • Number of Warning Days—Indicates when a user receives a warning message before the password is set to expire unless changed. The user receives a notification through the notification mechanism defined on the User form. It can be an email, an alert, or none.

  3. Click Save.

    You can perform this function in the User form for individual users. See Creating-and-modifying-users.

To disable an account after the expiration period

If a user does not change his or her password before a specified time, you can disable that user's account.

  1. From the AR System Administration Console, select System > General > Password Management Configuration.
    The User Password Management Configuration form appears.
  2. In the Days After Expiration Until Disablement field, enter the number of days after which a user's account is disabled if the password is not changed.
  3. Click Save.
    You can also perform this function in the User form for individual users. See Creating-and-modifying-users.

Example of how the password expiration works

The following values are set for the fields on the Enforcement Policy tab of the User Password Management Configuration form:

  • Number of Days Before Expiration90
  • Number of Warning Days80
  • Days After Expiration and Disablement—100

In this case, the implementation is as follows:

  • The password expires after 90 days from the day the last time the password was changed.
  • The user gets a warning after 80 days since the day last time the password was changed.
  • The user account is disabled after 100 days from the day the password expired.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*