Setting Password Policies
Sierra password policy settings provide detailed control of your system's login security functions. Many of these options are mutually interactive, so you should plan carefully to avoid setting conflicts and ensure expected behavior. In the Sierra desktop application, select Admin | Parameters | Security | Password Policies to open the Password Policies window.
Sierra enables the Password Policies dialog box to run for only one user at a time.
Basic Password Options
Require password change on first login
Select (check) this option to require a password change on the first login for a new account.
Require new password to differ from old
Select this option to require a new password to be different from the password being replaced.
Password Composition Requirements
Minimum password length
Specify the minimum number of characters required in the password. Password requirements vary depending on the version of Sierra your library is running.
- In Sierra 3.4 and earlier - The largest value accepted for this setting is "8". If the specified value is less than "1", the system adjusts the value to "1". The system does not accept values greater than "8".
- Sierra 4.0 and later - The minimum value accepted is "8" and the maximum value is "64".
Password Composition
If the sum of the minimum values you specify for password components below does not conform to the password requirements, you cannot save your password policy settings. Sierra provides a warning and enables you to return to the Password Policies window to correct your password composition settings.
Minimum number of lowercase alphabetic characters
Specify the minimum number of lowercase alphabetic characters required in the password. In Sierra 3.4 and earlier, the maximum value is "8". In Sierra 4.0 and later, the maximum value is "64".
Minimum number of uppercase alphabetic characters
Specify the minimum number of uppercase alphabetic characters required in the password. In Sierra 3.4 and earlier, the maximum value is "8". In Sierra 4.0 and later, the maximum value is "64".
Minimum number of non-alphabetic characters
Specify the minimum number of non-alphabetic characters required in the password. In Sierra 3.4 and earlier, the maximum value is "8". In Sierra 4.0 and later, the maximum value is "64".
Minimum number of numeric characters
Specify the minimum number of numeric characters required in the password. In Sierra 3.4 and earlier, the maximum value is "8". In Sierra 4.0 and later, the maximum value is "64".
Minimum number of special characters
Specify the minimum number of special characters required in the password. In Sierra 3.4 and earlier, the maximum value is "8". In Sierra 4.0 and later, the maximum value is "64".
NOTE
The system accepts the following special characters for passwords:
! " # $ % ' ( ) + , - . / : ; < = > ? @ [ \ ] { | } ~
Do not allow all-numeric password
Select this option to prevent all-numeric passwords.
Do not allow password and login to be identical
Select this option to prevent passwords that are identical to the login.
Do not allow password to be a simple pattern
Select this option to prevent simple, redundant passwords containing a character that is repeated three or more times (aaa, aaaa), or a set of 2, 3, or 4 characters repeated two or more times (abab, abcabc, abcdabcd).
Password Expiration Settings
Number of days until a new password expires
Specify the number of days a password remains valid. The system prompts for a new password when the current one expires. Maximum password life is 360 days. The default is "1". A value of "0" inhibits password expiration.
Number of days before password expiration to warn user
Specify the number of days of advance notification to provide before a password expires. The maximum is 30 days. The default is "5".
Limit Login Settings
Limit number of failed login attempts
Select this option to limit the number of failed login attempts. If this limit is met, the system requires a new browser session for further login attempts.
Exempt Logins
The Limit Login setting applies to all logins, including those you "exempt" from Password Policies.
Number of failed attempts allowed
Specify the number of failed login attempts to allow per browser session.
Remember Me
Offer "Remember Me" checkbox on login page
Select this option to add a Remember me on this computer check box to the Sierra login page. When selected by a user, Sierra saves the username for future use.