!!!ESTABLISH SYSTEM ACCESS RULES The Establish System Access Rules (IMAR) screen allows you to provide different access levels to users. You can control password size and how many times a user can attempt to login to the system. Data for the Establish System Access Rules screen is stored on the [P2K_AM_ACCESS_RULES] table. ;[Accessor Types|ACCESSOR_TYPE]:There are 5 accessor types, but only three are really used. * Identity - for Self Service user * User - for the Professional user * Candidate - for the Candidate %%information Please note in the text below, for easy of reading, the term ‘user’ is placed instead of ‘accessor’.%% ;[Validation Method|VALIDATION_METHOD]:There are three validation methods: * Java and SQL are what you should be using at this point. * SQL is for the old software * Java Version SHA-1 is used if you were only using Java %%label-danger UMRS cannot be run to reconcile new security set up if using "Java Version SHA-1". If it is launched all user passwords will need to be reset.%% \\ \\ ;[Minimum Password Size|PASSWORD_LENGTH]:This field allows you to determine the minimum amount of characters a user may have in their password. Passwords can be up to 30 varchar in length. You can determine a specific minimum size for each accessor type, so the Professional may need a minimum of 10 characters while the Candidate would need a minimum of only 5. Below this field you have other options for the user’s password: ;[Must Contain Digit|PASSWORD_DIGIT]:If this field is toggled, the user's password must contain at least one numerical character. This will be a default toggle, so if you don't want them to have a digit, un-toggle it. ;[Must Contain Punctuation|PASSWORD_PUNCTUATION]:If this field is toggled the user's password must contain a special punctuation character. %%information There is a lexicon called [X_BLOCKED_PHRASES] which is used as another method of password security that will automatically be enabled to all passwords in the system. The samples provided in the lexicon show the various phrases/wording that cannot be used in passwords.%% ;[Track # Prior Passwords|NUMBER_PRIOR_PASSWORDS]:You can control how many times a person can use a prior password. For example, if you set this number to 3, the person would not be able to use the same password until the fourth password change. ;[Force Password Change Default|FORCE_PASSWORD_CHANGE]:This toggle dictates that if a user's password has been changed for them, they must change their password once they come into the system. ;[Must Contain Both U/L Cases|PASSWORD_BOTH_CASES]:If this field is toggled the user's password must contain at least 1 Upper and 1 Lower case character. ;[Password Expires-Dys|PASSWORD_DAYS]:This field dictates how often a user has to change their passwords. If you set it to 30, the user will have to change their password every 30 days. ;[Lock After Expires-Dys|EXPIRE_LOCK_AFTER_DAYS]:If the user has to change their password after a set amount of days, this field will indicate how many days after that due date the user has before they are locked out of the system. For example, if the Password Expires-Dys is set for 30 and the Lock After Expires-Dys is set for 90, this means that if the user does not log in for 90 days after the password expiry date, they will be locked out of the system. At that point they will need to call their system administrator to be allowed back in. ;[Login Attempt|LOGIN_ATTEMPTS]:This field indicates how many times a user can attempt to login per session. i.e. one login window. ;[Max Login Attempts|MAX_LOGIN_ATTEMPTS]:This field is the amount of times a single user can try to log in. Once they surpass that number, they will be locked out of the system until unlocked by an administrator. ;[IP Lockout Minutes|IP_LOCKOUT_MINUTES]:This field has been deprecated. ---- ![Notes|Edit:Internal.IMAR] [{InsertPage page='Internal.IMAR' default='Click to create a new notes page'}]