Validating password information

The  can validate the password entered by a user against the user's Windows or UNIX login password instead of maintaining an Encryption Security-specific password. To enable this:

• Make sure the  or  user name and the operating system user name are identical.
• If you use Authentication aliases, the Login name alias should be identical to the operating system user name.
• Leave the Password field in the User form blank. See "Field" in Creating-and-modifying-users.
• Select the Cross Ref Blank Password check box on the EA (external authentication) tab of the AR System Administration: Server Information form. For more information about password configuration, see Setting-external-authentication-options.

Where supported, the operating system password validation feature enables the operating system to set the following password policies:

• Aging—Determines how quickly a password expires.
• Lockout—Limits the number of incorrect logins a user can enter before the system locks the user out.
• Password Restrictions—Sets the password length and the allowed password characters.

Aging and Password Restrictions can be configured in  where the user password is stored in the User form (see Enforcing a password policy introduction and Enforcing restrictions on passwords). The operating system password management system must be used to configure Aging and Password Restrictions where the user password is stored external to the User form.

The operating system password management system can also be configured to lock out users after too many failed password attempts. Use this method when the user password is stored external to the User form. See Max Number of Password Attempts in Setting-administrative-options. The operating system password management system can also be configured to lock out users after too many failed password attempts. This method is effective where the user password is stored external to the User form.