Configure Cherwell Credential Settings (User/Customer Password Rules)

Use the Cherwell Credentials page in the Security Settings window (in CSM Administrator) to configure the following User/Customer password enforcement rules:

  • Complexity
  • Character length
    Note: The maximum password length is 200 characters.
  • Reset
  • Lockout
    Notes: Password resets should only be configured if (1) the User/Customer has security rights to change their password and (2) the system administrator has not prevented the User/Customer from changing their password in their User Profile/Customer Credentials. Individual Customer and User password settings can override some of these settings, if needed. User password settings are defined in the User Profile (CSM Administrator>Security category>Edit Users task); Customer password settings are defined in the Customer Credentials window (CSM Desktop Client>Customer>Portal Settings).

To configure User/Customer password enforcement rules:

  1. In the CSM Administrator main window, click the Security category, and then click the Edit Security Settings task.
  2. Click the Cherwell Credentials page.

  3. Configure enforcement rules for User and Customer credentials:

    Note: The settings selected apply to individual User/Customer account creation, individual User/Customer password changes, and batch generated User/Custer credentials.

    1. Enforce Windows complexity rules: Select this check box to require that the password be complex (six (6) characters, a combination of at least three (3) of the following: uppercase letters, lowercase letters, numbers, symbols/punctuation marks, and cannot contain the User's/Customer's login ID).

      Note: If Enforce Windows complexity rules is selected, the minimum number of characters must be at least six (6).

    2. Enforce minimum password length: Select this check box to require that a minimum number of characters be in a password. Then, select the minimum number of characters.
    3. Enforce maximum password age: Select this check box to require a password reset every x days. Then, schedule the reset by selecting the number of days between resets.
    4. Days before required password change to warn customers: Select this check box to warn Users/Customers ahead of time that a password reset is required. Then, select how many days in advance to send the warning. Users/Customers receive daily warnings of the impending reset when they log in.
    5. Lockout Customers After X Failed Login Attempts: Specify the number of times Users/Customers can attempt to login using the incorrect credentials before CSM locks them out of the system.
  4. Click OK.

