Polycom RMX 1500, DOC2702A Implementing Password Re-Use / History Rules, Defining Password Aging, Maximum Repeating Characters

Chapter 15-Users, Connections and Notes

Polycom, Inc. 15-11

Implementing Password Re-Use / History Rules

Users are prevented from re-using previous passwords by keeping a list of previous

passwords. If a password is recorded in the list, it cannot be re-used. The list is cyclic, with

the most recently recorded password causing the deletion of the oldest recorded password.

• The number of passwords that are recorded is determined by the value of the

PASSWORD_HISTORY_SIZE System Flag. Possible values are between 0 and 16.

• A flag value of 0 means the rule is not enforced, however this rule cannot be disabled

when the RMX is in Ultra Secure Mode.

•In Ultra Secure Mode, at least 10 passwords (default) and up to 16 passwords must be

retained.

If the password does not meet this requirement, an error, New password was used recently, is

displayed.

The duration of password validity is determined by the value of the

PASSWORD_EXPIRATION_DAYS System Flag.

• Passwords can be set to be valid for durations of between 0 and 90 days.

•If the System Flag is set to 0, user passwords do not expire. The System Flag cannot be set

to 0 when the RMX is in Ultra Secure Mode.

•In Ultra Secure Mode, the minimum duration can be set to 7 days and the default

duration is 60 days.

The display of a warning to the user of the number of days until password expiration is

determined by the value of the PASSWORD_EXPIRATION_WARNING_DAYS System

Flag.

• Possible number of days to display expiry warnings is between 0 and 14.

•If the System Flag is set to 0, password expiry warnings are not displayed. The System

Flag cannot be set to 0 when the RMX is in Ultra Secure Mode.

•In Ultra Secure Mode, the earliest warning can be displayed 14 days before passwords

are due to expire and the latest warning can be displayed 7 days before passwords are

due to expire (default setting).

• If a user attempts to log in after his/her password has expired, an error is displayed:

User must change password.

A System Flag MAX_PASSWORD_REPEATED_CHAR allows the administrator to

configure the maximum number of consecutive repeating characters to be allowed in a

password.

Range: 1 - 4

Default: 2

A System Flag MAX_CONF_PASSWORD_REPEATED_CHAR allows the administrator to

configure the maximum number of consecutive repeating characters that are to be allowed

in a conference password.

Range: 1 - 4

Default: 2