Login   ·   Register   ·   Member List
Wiki Home   >   Strong Passwords and Other Login Security Features in Hudson Applications

Navigation

 ·   Knowledge Base Home
 ·   Categories
 ·   Title List
 ·   Uncategorized Pages
 ·   Random Page
 ·   Recent Changes
 ·   RSS
 ·   Atom
 ·   What Links Here

Active Members:

Search:

 

Create or Find Page:

 

View Strong Passwords and Other Login Security Features in Hudson Applications

Category:Unassigned

Strong Passwords and Other Login SecurityFeatures in Hudson Applications

Hudson applications have required assigned unique login credentials from the very beginning and have generally been very secure because of this.  With the increasing demands of system security to ensure PCI compliance is obtained, Hudson logins have been made even more secure. This additional security is made possible through the use of Strong Passwords.  A strong password is a series of words, letters, symbols and numbers which may be easy for a user to remember but difficult for another person to guess.  We will review here the way in which you can implement additional login security through the use of strong passwords, and other advanced security settings.

Additional and more detailed information regarding login security options may be found in the article titled Login Security.

To enable additional Login security:
Tools > Configuration > Fare and Service > Login / Security tab

  • Auto disable if maximum retry is exceeded - Checking this option will disable the login account if the user tries to login unsuccessfully and meets the value specified in the login rules section. (Maximum number of login retries=3 (default setting)).
  • Require strong passwords - Checking this option will enable (require) Strong Passwords when logging into HWeb Agent, HWeb Dispatcher, HWeb Admin. 
If you determine that a Strong Password is to be required, then the passwords for all users must meet ALL of the following requirements:
  1. at least one character must be UPPER CASE letter
  2. at least one character must be  lower case letter
  3. at least one character must be numeric: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
  4. at least one character must be a symbol:  ( ) { } [ ] , . < > ; : ? / ~ ! @ # $ % ^ & * _ - + =
Additional User Login Rules may be customized on this tab as well. Double-clicking the value field to the immediat right of these rules will allow you to change the setting of:
  • Maximum number of login retries  - exceeding this value locks the user out of the HWeb applications
  • Minimum size of user ID - minimum number of characters that must comprise the user login ID (name). Note: the user ID is what will appear in Reservation history and reports.
  • Maximum size of user ID - maximum number of characters that can be included in the user login ID (name).
  • Minimum size of user password - minimum number of characters that must comprise the user password.  Longer passwords of random characters (especially if you require Strong Passwords) are most secure.
  • Maximum size of user password - maximum number of characters that may be included in the user password.
  • Days to password expiration - number of days, from the date the UserID is created that a password will remain valid.  The default value = 30 days. This will require a user to change their password once each 30 days, regardless of how many times they have logged into the system.  For maximum system and application security, a frequent password reset is highly recommended.  

Note:  If a new userID and / or password is assigned, and the user is unable to login successfully, you might check their priveleges and ensure that at least one application is enabled for their access (ex: Allowed to use HWeb Agent).

If a login error results, you can check out these login error codes that may assist in diagnosing the source of the error.

Categories: