Internal Password

Table of contents

• 1 Functionality
• 2 Configuration
• 3 Password policies
• 4 change password

Usually the user name and its password required for authentication are stored in the operating system (Windows, Active Directory) or in the database management system (MS SQL Server, ORACLE). When using internal passwords user name and password are stored in a table of the IDL.KONSIS.FORECAST database. Then the password is stored as a hash value which is composed out of the password an a random string (salt). The authentication method IDL-User is activated by choosing Auth: IDL-User in the configuration program of the IDL.KONSIS.FORECAST Application Server.

For every user with login using an internal password there must be an entry in the USE application. There the field PW-Reset should be set to "A" providing that the user is prompted to change his password on the first login.

Note: If no user with an internal password is existing yet the authentication method DB-User has to be used for the first login to define a password e.g. for the user idladmin.

Password settings:

• PW length: The length of the password has a minimum of 8 and a maximum of 16 characters.
• PW-Reset: 'A' = The administrator (key user; member of the the group IDLADMIN or IDLSYS) assigns a start password. The start password has to be entered by the user at his next login to IDL.KONSIS.FORECAST. Now the message appears that the password has expired. Then the user is prompted to modify his password in the extended dialogue. 'U' = The password had been reset by the administrator (key user; member of the the group IDLADMIN or IDLSYS). The user logs in with his old password. Now the message appears that the password has expired. Then the user is prompted to modify his password in the extended dialogue.
• Interval: Password expires afer a given number of days and hast to be modified.
• ChgInterval: Period of validity of the password in number of days

The following policies for password complexity can be set:

• PW-legth: minimal length 7, max length 16 character
• Ident.Char: no more then 3 equals chars
• Seq.Alpha: no Alphabetical-Sequence allowed (abcdefg)
• Seq.Num.: no Numeric-Sequence allowed (123)
• Seq.Keyb.: no Keyboard-Sequence allowed (qwertyui)
• min. 1 num: must contain at least one numerical character
• min. 1 spec: must contain at least one special character
• min. 1 lowC: must contain at least one lower case character
• min. 1 uppC: must contain at least one upper case character

If the password has expired this will be reported at the next login attempt. For the purpose to modify the password a new password has to be entered in the fields "New password" and "Confirm password" of the extended login dialogue.