Application authentication
This topic describes how to set the password policy when using OpenText Enterprise Performance Engineering's built-in user management authentication.
Note: We recommend using SSO or LDAP because they are a more secure type of authentication. For details, see LDAP authentication and SSO authentication.
Overview
When using internal application authentication, the OpenText Enterprise Performance Engineering administrator can use the default password policy, or can set the password policy according to the needs of their organization.
The OpenText Enterprise Performance Engineering administrator and the tenant user can change passwords for users that are set to log in to OpenText Enterprise Performance Engineering using their OpenText Enterprise Performance Engineering passwords. For details, see Change a user's password.
Set the password policy
This task describes how to set the password policy.
-
In Administration, select Configuration > Site Configuration, and click the Authentication Type tab.
-
Click the Application dropdown to display the password policy settings. You can use the default settings, or make changes as required.
Note: The default values are our recommended minimum requirements for secure password policies.
Password must contain at least -
X
alphabetical characters -
X
numeric characters -
X
lowercase characters -
X
uppercase characters -
X
special characters
Default: All are selected with a value of 1
Password must -
be between
X
andY
characters in length (this is the default setting, and it has values of 8 and 20) -
start with
X
alphanumeric characters (when selected, the default value is 1)
Password cannot include -
user's login name
-
user's full name
-
user's email
Default: All settings are cleared
Lock the user for
X
minutes afterY
consecutive failed login attempts, when the time between attempts is less thanZ
minutes.Default: Selected with values of 30, 5, and 5
Note: If an account is locked, a user can request a password reset. For details, see Unlock a user account.
-
-
Click Save to save the password policy settings.
To restore your previous password policy settings, click the Restore button
.
-
Click Select this authentication type to set Application as the authentication type for all users.
Unlock a user account
If a user is locked out of OpenText Enterprise Performance Engineering or Administration as a result of too many unsuccessful login attempts, they can do the following:
-
Click Forgot or want to change password in the OpenText Enterprise Performance Engineering or Administration Login window, and request a password reset.
-
Ask the site administrator to change the user's password.
-
For details on changing a OpenText Enterprise Performance Engineering user password, see Change a user's password.
-
For details on changing a Site Management user password, see Create and manage Site Management users.
-
-
Wait the configured amount of time for the account to be released, and then try to log in again.
Rate limit authentication requests
You can enable rate limiting to protect OpenText Enterprise Performance Engineering applications from brute‑force attacks. Rate limiting provides additional security by enabling you to set the maximum number of user authentication requests that the application can receive within a specific time period.
Application | Description |
---|---|
OpenText Enterprise Performance Engineering |
To rate limit authentication requests for OpenText Enterprise Performance Engineering:
|
Administration |
To rate limit authentication requests for Administration:
|
Site Management |
To rate limit authentication requests for Site Management:
|
See also: