====== Security ====== ===== Purpose ===== * The **Security** section allows administrators to configure user authentication and password management to ensure the safety and protection of the system. * This feature includes settings like login attempts, password complexity, password length, and password expiration (see image below). {{:products:promonitor:6.8:userguide:administration:adminconfig:pasted:20240917-213145.png}} ===== Security settings ===== In this section, administrators can configure: * **Max Login Attempts**: * This setting controls the number of allowed failed login attempts before the system temporarily locks the user’s account. * By default, the number is set to **5**, meaning users will be locked out after **5 failed login attempts**. * You can increase or decrease this number depending on your organization's security requirements. * **Enforce Password Complexity**: * When this setting is enabled, users are required to create passwords that meet certain complexity standards, including uppercase and lowercase letters, numbers, and special characters. * This setting is enabled by default. * To disable password complexity enforcement, uncheck the option (this might reduce the strength of user passwords and increase security risks). * **Min Password Length**: * This option allows administrators to set the minimum number of characters required for a password. * The default is **8 characters**. * You can modify this value according to your security needs (longer passwords are generally more secure). * **Password Validity Period (days)**: * This setting enforces a password expiration policy, the specified number of days, users will be prompted to update their passwords. * By default, this period is set to **-1 days**, this is disabled by default. * You can adjust this period by entering a new value (shorter periods enforce more frequent password updates, but may lead to increased support requests for forgotten passwords). ===== Important Notes ===== * It is strongly recommended to edit these settings to enhance system security and protect against unauthorized access.