Chapter 4 BCM50 Security Policies and Accounts and Privileges 83
BCM50 Administration Guide
4In the Lockout duration box, enter the number of minutes the user is locked out after the
Lockout counter threshold is reached.
5In the Lockout counter reset box, enter the number of minutes to wait to reset the Lockout
counter.
Setting password expiry policy
Use this procedure to enable a password expiry policy.
To set password expiry policy
1Select Configuration, Administrator Access, Security Policies > Local Authentication
Policy.
2In the Days before password expire box, enter the number of days that a password can be
used before it expires.
3In the Warning days before password expire box, enter the number of days prior to password
expiry that the user will receive a notification.
4Select the Enable checkbox to enable the password expiry policy.
Setting password history policy
You can use the password history feature to prevent users from re-using the same password.
Administrators can configure the number of previous passwords to store and check.
To set password history
1Select Configuration, Administrator Access, Security Policies > Local Authentication
Policy.
2In the Password history section, select the Enable Password History box.
3In the Password history length box, enter the number of previous passwords to store and
check for an account.
Setting the authentication method
By default, users are authenticated on the local BCM50 system. In a network with mutliple
BCM50 systems, you can choose to authenticate users on a centralized server using RADIUS
(Remote Authentication Dial In User Service).
The BCM RADIUS client is compliant with the RADIUS protocol described in RFC 2865, and
supports the following authentication and authorization functions:
• ACCESS-REQUEST messages
• ACCESS-ACCEPT messages
Other functions, such as challenge key and accounting messages, are not supported.