Password Policies
User Management supports strong password enforcement policies for locally created users, as well as blocking users after multiple unsuccessful login attempts.
Default Passwords
In the new installation, only the following default users are present:
eleveo.admin – user who is assigned default administrative rights in User Management (by default the password for this user is
admin
)eleveotrain – user who is used for Eleveo trainings purposes (by default the password for this user is
Eleveotr@1n
)
The default users are strongly recommended to change their default passwords. A default password can be changed by a user in User Profile as described on the page Configuring User Profile and Password.
Temporary User Passwords
If the password for any user is set by eleveo.admin to be temporary, a password change is enforced when the user logs in for the first time. Setting a password to be temporary is described here: Changing Passwords for Users.
Additionally, users can change their own password using the instruction provided here: Configuring User Profile and Password.
Complex Passwords Required
By design the system requires that enhanced complex passwords be used.
Passwords must be elaborate in nature.
Eleveo default settings require that new passwords must meet the following Complexity Requirements:
at least 8 characters
with at least one character a number (0-9)
at least one character a lowercase letter (a-z)
at least one character an upper case letter (A-Z)
The default policies can be modified using the instruction provided here: Managing Password Policies.
Regular Password Change
All locally created users are requested to change their passwords after one year.
Unsuccessful Logins Before Lockout
After 30 unsuccessful login attempts, the status of a user will change to locked. For details refer to the section Unlocking a Locked User.