Configuring User Account Security

The primary way InterAction maintains security for the individual users is by requiring a valid InterAction account name and password to log on to the system.

Depending on the user validation options your organization uses, the user may rarely enter this account name and password. For more information, see Setting User Account Authentication for the Web Client and Selecting User Validation Options for the Windows Client. However, every user must have a valid account name and a secure password to maintain security.

For more information, see the following sections:

  • Password Restrictions
  • Set User Password Restrictions
  • Clear a User's Password History
  • Password Expiration and Grace Logins
  • Set Password Duration and Default Grace Logins
  • Edit the Grace Logins for an Individual User
  • Resetting a User's Lost Password
  • Reset a User's Lost Password

For information about creating users and setting initial passwords for user accounts, see Creating and Editing Users Manually.

Password Restrictions

InterAction provides typical network password restrictions. You can configure these restrictions to provide the level of password security your organization needs.

Tip: To “turn off” the requirement for passwords, set the Minimum password length to 0. Note that users who opt to leave their password blank cannot keep their accounts secure.

InterAction lets you restrict the following:

  • Restrict the minimum and maximum length of a password
  • Require users to include at least one number in their password
  • Prevent users from using the same password more than once

  • Restrict users from creating a password that uses the same character in the same position in two subsequent passwords

    For example, a user with the password “SECRETPW” could not use “VERYSECU” as the subsequent password because the E is the second character in both.

  • Restrict passwords to specific characters
  • Restrict the first character of a password to specific characters

Password Restrictions in the Configuration Dialog Box

If you select to prevent users from using the same password more than once, InterAction saves a password history for each user. This is an encrypted list of all past passwords. Although you cannot review this history, you can clear it to let a user reuse an older password if necessary. See Clear a User's Password History.

You can assign a user a new password if the old password has been lost or forgotten. See Reset a User's Lost Password for more information.

Set User Password Restrictions

  1. Log on to InterAction Administrator.

  2. From the main window entity list, double-click User Account and Group Configuration.

  3. Choose Security.

  4. Select the password restrictions according to the following table, then choose OK.

    To Do This
    Restrict the minimum and maximum lengths of a password Enter the minimum and maximum number of characters in the Minimum Characters and Maximum Characters fields.
    Require users to include at least one number in their password Select the At Least One Digit option.
    Prevent users from using the same password more than once Select the Prevent Reuse option.
    Restrict users from creating a password that uses the same character in the same position in two subsequent passwords Select the Prevent Same Character option.
    Restrict passwords to specific characters Enter the allowable characters in the Legal Characters field. Example: ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789#$_@.
    Restrict the first character of a password to specific characters

    Enter the allowable first characters in the Legal First Characters field.

    Example:

    ABCDEFGHIJKLMNOPQRSTUVWXYZ

Clear a User's Password History

Note: You cannot view a user’s password history.

  1. Log on to InterAction Administrator.

  2. From the main window entity list, double-click User Account and Group Configuration. Then choose User Accounts to open the Manage User dialog box.

  3. Select the User you want to change in the list.

    • Use the marking feature to select multiple users.

    • The user you want to edit may not appear if the user does not match the criteria of the selected filter. To change the current user filter, choose Filter to open the Filter User dialog box, select the desired filter criteria and choose OK.

  4. From the Action drop-down list select User cleanup options and choose Apply.

  5. On the User Cleanup dialog box, select Clear Password History and choose OK.

  6. Confirm the change.

Password Expiration and Grace Logins

The password duration option lets you specify the maximum number of days that a password is valid until the user is forced to change his or her password. Once a password has expired, the grace logins value restricts the number of times a user can continue to log on before changing the expired password.

You use InterAction Administrator to set the password duration. The setting applies to all users.

You set the number of grace logins for each individual user when creating or editing the user. You can set a default value for this field; all new users then default the grace logins field to this value. Changing the default grace logins value has no effect on the grace logins value for existing users.

Set Password Duration and Default Grace Logins

  1. Log on to InterAction Administrator.

  2. From the main window entity list, double-click User Account and Group Configuration.

  3. Choose Security.

  4. Enter the maximum number of days that a password should be valid until the user is forced to change their password in the Password Duration field.

    Tip: To set passwords to never expire, set the Password Duration to 9999 days. This is the maximum value allowed in the field and is approximately 30 years.

  5. Enter the default grace logins value in the Grace Logins field.

    InterAction Administrator defaults the Grace Logins field for each new user to this value.

  6. Choose OK.

Edit the Grace Logins for an Individual User

To edit the grace logins for an individual user, edit the user and change the value in the Grace Logins field. This change only applies to the individual user.

See Edit a User Account for information about editing a user.

Resetting a User's Lost Password

If a user forgets his or her password, assign the account a new password, then have the user change it as soon as possible. You cannot just look up the forgotten password, since the current password does not appear in the dialog box and is stored in encrypted format in the database.

Reset a User's Lost Password

  1. Log on to InterAction Administrator.

  2. From the main window entity list, double-click User Account and Group Configuration. Then choose User Accounts to open the Manage User dialog box.

  3. Select the User you want to reset from the list.

    • The user you want to edit may not display if the user does not match the criteria of the selected filter. You can filter users by Status or group membership.

    • To change the current user filter, choose Filter to open the Filter User dialog box, select the desired filter criteria, and choose OK.

  4. Choose Edit to open the Edit User Account dialog box.

  5. On the General tab, type a new password in both the Password and Confirm Password fields.

  6. Choose OK to save the change.

  7. Choose Close to close the Manage User dialog box.

  8. Give the user the new password, with the recommendation that he or she change it as soon as possible.