The user account policy window is where you can set rules for user accounts using MSL login credentials. These settings don't affect accounts linked to Single Sign-On (SSO) login. You can set up password security rules like minimum password length, maximum password age, and lockout for repeated incorrect login attempts.
TABLE OF CONTENTS
You can access this feature from your MSL System Admin site. Only Super Admins with Membership Admins or Site Admins permissions can access the User Account Policy window, but only MSL has the permissions to update these settings.
For further information, see People Overview.
User Account Policy Fields
This table lists and explains the User Account Policy fields.
| Field Name | Definition |
|---|---|
| Min Username Length | This is the shortest permissible length for a username. There is a default minimum username length of 6 characters. |
| Min Password Length | This is the minimum number of characters required for a password. There is a default minimum password length of 6 characters. |
| Lockout Threshold (Attempts) | This is the number of unsuccessful login attempts allowed before an account is locked. There is a default lockout threshold of 5 attempts. |
| Lockout Duration (Minutes) | This is the period of time an account remains locked after reaching the lockout threshold, specified in minutes. There is a default lockout duration of 20 minutes. To learn how a super admin can unlock an account, see How to Unlock a Person's Website Account. |
| Max Password Age (Days) | This is the maximum duration in days for which a password remains valid before it must be changed. When reached, the user is forced to change their password on login. By default, this is set to 0, indicating no maximum password age applies. |
| Max Account Age (Days) | The maximum lifespan of a user account in days, after which the user must re-register. By default, this is set to 0, indicating no maximum account age applies. |
| Default Username Option | This is the predefined method or criteria used to generate a username when an account is created by a super admin. The options are:
|
For further information, see How to Update the User Account Policy.