These options prevent users from re-using old passwords, and automatically expire current passwords. (Not applicable if domain authentication is enabled.)
Prevent password re-use |
Defines the rules for how many previous passwords are retained for historical purposes, and the rules for matching them. Note: since VSys does not ever know a user's password, only the hash of it, changing the matching rules may only be effective for newly-entered passwords, not existing ones. |
Automatically expire passwords |
After a password is changed, it will expire in this many days. Within the Security Manager, individual users' passwords can be set to expire immediately. |
Notify users of pending password expiration at |
At this many days before their password is set to expire, users will be notified at every login. |
Users can change their own passwords every |
If password self-update is enabled, after a user changes his password, he will have to wait this many days before changing it again. This option is commonly used to prevent users from bypassing re-use rules by repeatedly changing their password in order to overflow the remembered list of password hashes. |