Setting Password Policies

To manage password policies, you must be assigned permission 607 (Administer Password Policies). See Permissions Used by Sierra for more information.

Set the Login: Enable Password Policies option to "YES" to enable password policy management.

Sierra password policy settings provide detailed control of your system's login security functions. Many of these options are mutually interactive, so you should plan carefully to avoid setting conflicts and ensure expected behavior. In the Sierra desktop application, select Admin | Parameters | Security | Password Policies to open the Password Policies window.

Sierra enables the Password Policies dialog box to run for only one user at a time.

Basic Password Options

Require password change on first login

Select (check) this option to require a password change on the first login for a new account.

Require new password to differ from old

Select this option to require a new password to be different from the password being replaced.

Password Composition Requirements

Minimum password length

Specify the minimum number of characters required in the password. Password requirements vary depending on the version of Sierra your library is running.

Password Composition

If the sum of the minimum values you specify for password components below does not conform to the password requirements, you cannot save your password policy settings. Sierra provides a warning and enables you to return to the Password Policies window to correct your password composition settings.

Minimum number of lowercase alphabetic characters

Specify the minimum number of lowercase alphabetic characters required in the password. In Sierra 3.4 and earlier, the maximum value is "8". In Sierra 4.0 and later, the maximum value is "64".

Minimum number of uppercase alphabetic characters

Specify the minimum number of uppercase alphabetic characters required in the password. In Sierra 3.4 and earlier, the maximum value is "8". In Sierra 4.0 and later, the maximum value is "64".

Minimum number of non-alphabetic characters

Specify the minimum number of non-alphabetic characters required in the password. In Sierra 3.4 and earlier, the maximum value is "8". In Sierra 4.0 and later, the maximum value is "64".

Minimum number of numeric characters

Specify the minimum number of numeric characters required in the password. In Sierra 3.4 and earlier, the maximum value is "8". In Sierra 4.0 and later, the maximum value is "64".

Minimum number of special characters

Specify the minimum number of special characters required in the password. In Sierra 3.4 and earlier, the maximum value is "8". In Sierra 4.0 and later, the maximum value is "64".

NOTE

The system accepts the following special characters for passwords:

! " # $ % ' ( ) + , - . / : ; < = > ? @ [ \ ] { | } ~

Do not allow all-numeric password

Select this option to prevent all-numeric passwords.

Do not allow password and login to be identical

Select this option to prevent passwords that are identical to the login.

Do not allow password to be a simple pattern

Select this option to prevent simple, redundant passwords containing a character that is repeated three or more times (aaa, aaaa), or a set of 2, 3, or 4 characters repeated two or more times (abab, abcabc, abcdabcd).

Password Expiration Settings

Number of days until a new password expires

Specify the number of days a password remains valid. The system prompts for a new password when the current one expires. Maximum password life is 360 days. The default is "1". A value of "0" inhibits password expiration.

Number of days before password expiration to warn user

Specify the number of days of advance notification to provide before a password expires. The maximum is 30 days. The default is "5".

Limit Login Settings

Limit number of failed login attempts

Select this option to limit the number of failed login attempts. If this limit is met, the system requires a new browser session for further login attempts.

Exempt Logins

The Limit Login setting applies to all logins, including those you "exempt" from Password Policies.

Number of failed attempts allowed

Specify the number of failed login attempts to allow per browser session.

Remember Me

Offer "Remember Me" checkbox on login page

Select this option to add a Remember me on this computer check box to the Sierra login page. When selected by a user, Sierra saves the username for future use.