In the Administration → Access management → Users section, click the Authentication settings button above the table of users.
In the sidebar, manage the following settings:
In the Password requirements section, configure the following:
Set a minimum password length.
Use the check boxes to configure which characters the password must include (uppercase and lowercase letters, numerals, and special characters).
By default, the following requirements apply to passwords:
The password must contain numerals, special characters, and uppercase and lowercase letters.
The minimum password length is 8 characters, and the maximum password length is 72 characters.
Under Session interruption, configure the following:
Set the maximum duration of a session in hours. You can specify a value from 1 to 168 hours. After this time expires, the session ends.
By default, the logged-in user session in the Management Console is 9 hours.
Use the Logout after inactivity check box to enable the automatic termination of a session if the user is idle and specify the period in minutes after which the session is terminated. If this check box is cleared, the session is never automatically terminated because of inactivity.
This check box is cleared by default.
Use the User's concurrent sessions are prohibited check box to prevent the user from simultaneously working from several different devices or initiating multiple sessions under the same account. If a user authorizes on another device or starts a second session on the same device, the user's first active session is terminated.
This check box is cleared by default.
In the Account blocking section, configure the following:
Specify the number of authorization attempts allowed. If a user runs out of attempts and fails to enter the username and password correctly, the user's account is temporarily blocked.