The following options are available in the System section of the System Options screen.
•Login Attempts before Lockout: Number of unsuccessful login attempts a user can make before being locked out of the system (read-only field).
•Lockout Duration (in hours): Specify in hours the duration of a lockout before a user can attempt to log in again.
•Terminal Automatic Logout After X Idle Minutes: Number of minutes a terminal can be idle before a user is automatically logged out (read-only field).
•Web Automatic Logout After X Idle Minutes: Number of minutes the web can be idle before a user is automatically logged out (read-only field).
•Password Requirements: Password requirements are listed in this section of the System Options screen.
•Require Website Users to Change Their Passwords: This option is disabled by default. If the option is enabled, users must change their password based on the number of days set in the Number of Calendar Days to Require Password Change field.
When this option is enabled for the first time, all web users must change their password on their next login. The following warning will appear:
WARNING! Require Website Users to Change Their Password has been enabled. All current HST website users will be required to change their passwords on the next login. Do you wish to proceed?
Click OK or Cancel.
When a user’s password passes the number of days set in the Number of Calendar Days to Require Password Change option, they will be prompted to change their password before logging in:
A password change is required for this account.
The Password Reset screen will appear where the user can enter a new password, which must meet the requirements of at least one lower case letter, one upper case letter, one number, and one special character. If the Users Cannot Reuse Previous Passwords checkbox is checked, the user must enter a password that has not been used the number of times set in the Number of Previous Passwords field.
Once the user has entered a valid new password, a Password successfully changed message will appear and the user can select a site, if applicable, or log in to the Home screen.
•Number of Calendar Days to Require Password Change: This option is enabled if the Require Website Users to Change Their Passwords checkbox is checked. The default setting is 90. This option can be set to a minimum of 30 days and a maximum of 365 days.
•Users Cannot Reuse Previous Passwords: This option is disabled by default. If this option is enabled, when users change their passwords, they must enter a password that has not been used the number of times set in the Number of Previous Passwords field.
If the checkbox for this option is unchecked, when the user clicks Save, the following warning will appear:
WARNING! Users Cannot Reuse Previous Passwords has been turned off. All historical password information will be deleted, but not current passwords. Do you wish to proceed?
Click OK or Cancel.
The following message will appear if a user enters a previously used password: The new password cannot match a password used previously.
•Number of Previous Passwords: This option is enabled if the Users Cannot Reuse Previous Passwords checkbox is checked. The default setting is 5. This option can be set to a minimum of 1 previous password and a maximum of 20 previous passwords.