Polycom RMX 1500, DOC2702A Managing the User Login Process

Polycom RealPresence Collaboration Server (RMX) 1500/2000/4000 Administrator’s Guide

15-10 Polycom, Inc.

Managing the User Login Process

Strong Passwords can be implemented for logging into the RMX management applications.

They can be implemented when the system is in standard security mode or when in Ultra

Secure Mode.

The FORCE_STRONG_PASSWORD_POLICY System Flag, which enables or disables all

password related flags cannot be set to NO and all Strong Passwords rules are automatically

enabled and cannot be disabled when the ULTRA_SECURE_MODE System Flag is set to

YES.

If an administrator modifies any of the Strong Passwords flag settings, all users are forced to

perform the password change procedure, ensuring that all user passwords conform to the

modified Strong Passwords settings.

Administrators can change passwords for users and other administrators. When changing

passwords for him/herself, other administrators or other users, the administrator is

required to enter his/her own administrator’s password.

Strong Passwords rules are enforced according to the settings of the various Strong Passwords

flags as described in Table 22-8, “ULTRA_SECURE_MODE Flag Value – Effect on System

Flags,” on page 22-49. Default settings of these flag change according to the system security

mode.

Password Character Composition

•A Strong Password must contain at least two of all of the following character types:

—Upper case letters

—Lower case letters

—Numbers

—Special characters: @ # $ % ^ & * ( ) _ - = + | } { : " \ ] [ ; / ?

> < , . (space) ~

• Passwords cannot contain the User ID (User Name) in any form. Example: A user with a

User ID, ben, is not permitted to use “123BeN321” as a password because BeN is similar

to the User ID.

• Passwords cannot contain more than four digits in succession.

When the strong password option is enabled and the password does not meet the Strong

Password requirements an error, Password characteristics do not comply with Enhance Security

requirements, is displayed.

Password Length

The length of passwords is determined by the value of the MIN_PASSWORD_LENGTH

System Flag.

• Possible flag values are between 0 and 20.

•A System Flag value of 0 means this rule is not enforced, however this rule cannot be

disabled when the RMX is in Ultra Secure Mode.

•In Ultra Secure Mode, passwords must be at least 15 characters in length (default) and

can be up to 20 characters in length.

•If the MIN_PASSWORD_LENGTH flag is enabled and the password does not meet the

required length an error, Password is too short, is displayed.

If the minimum password length is increased, valid pre-existing passwords remain valid

until users are forced to change their passwords.