Authentication and Password Policies¶
Configure authentication methods and password requirements to secure your infoRouter system.
Accessing Policy Settings¶
- Click the Control Panel tab
- Click Authentication and Password Policy Settings
- The settings window appears
NT Authentication Domain¶
| Setting | Description |
|---|---|
| LDAP Domain | Displays the LDAP authentication domain used to authenticate infoRouter users |
Configuration File
The LDAP domain setting can only be changed by editing the web.config file directly.
Login Tracking¶
Track login activity for security auditing and brute-force prevention.
| Option | Description |
|---|---|
| Track successful logins | Log all successful login attempts |
| Track unsuccessful login attempts | Log failed login attempts |
| Apply delays between login attempts | Prevent automated login attacks (specify delay in milliseconds) |
Password Policy¶
Applies to infoRouter Authentication Only
Password policies only apply to users authenticated by infoRouter, not users authenticated via LDAP.
Password Requirements¶
| Requirement | Description |
|---|---|
| Password expiration period | Number of days before password must be changed |
| Minimum password length | Minimum number of characters required |
| Alpha characters | Require letters (Aa-Zz) |
| Numeric characters | Require numbers (0-9) |
| Special characters | Require symbols (~!@#$%^&*()-_+=) |
| Cannot match email | Password cannot be the same as email address |
| Cannot match username | Password cannot be the same as username |
| Weak password check | Check against list of common weak passwords |
Password Re-Prompt¶
Add an extra layer of security by requiring users to re-enter their password for sensitive operations.
| Action | Description |
|---|---|
| :material-library-minus: Delete libraries | Require password to delete libraries |
| Delete documents or folders | Require password for deletions |
| Delete users | Require password to delete user accounts |
| Change security | Require password for security changes |
| Change owners | Require password to transfer ownership |
| Change classification status | Require password for classification changes |
| Perform workflow tasks | Require password for workflow actions |
Role Restrictions¶
| Setting | Description |
|---|---|
| Library Managers can edit policies | Allow or prevent Library Managers from modifying library policies |
Control Access
This setting is controlled by Policy Managers and the System Administrator.