NexLog Recorder User Manual v2.2.0
111
Maximum password age
: Once this many days have passed since the user has
last changed the password before they are required to change it again. For
example, if this option were set to 7, users would be required to choose a
different password each week. If a user's password 'expires' and has not yet
been changed, then if the user attempts to log in to NexLog via the web
Configuration Manager or other clients, the only option they will have available
to them is "Change Password". They will not be able to utilize other client
functionality until they successfully complete password modification.
Minimum password age
: If this option is set to a value greater than zero, it
configures a time period after which a user changes their password in which
they are prevented from changing their password again.
Warn Before Password Expires
: Will warn user this many days before a
password change is required.
Reject Previous Passwords Including Current
: Remember historical
passwords and don’t allow them to be re-used. If set to a value greater than
zero, this option will prevent a user from reusing a recent password. For
example, if set to three, a user required to change their password every week
could not simply rotate between 'password1' and 'password2'. Normally this
option would only be used in conjunction with the Minimum Number of Days
feature described immediately above. Otherwise, users could simply change
their password several times quickly to clear out the configured "recent history"
list to get around the security requirements.
Lockout
Clicking the “Lockout Settings" sub header provides configuration settings
allowing user accounts to be temporarily "locked out" upon presentation of an
invalid password. This can be used to prevent unauthorized personnel from
gaining access to the recorder by using automatic scripts to attempt many
passwords very quickly. To enable this option, check the "Enable Account
Lockout" Checkbox and configure the two fields below:
Lock After Failed Attempts
: The number of unsuccessful passwords that must
be entered in order for a user's account to enter the locked out state
Lock Duration
: The number of seconds a user’s account remains in the lockout
state once the threshold above is met.
None of the settings on this NexLog Configuration Manager page will take effect
until the 'Save' button is pressed.
4.9.3. SSL
When client software connect to the recorder and transfer data over the
network, this data can be sent in plain text (unencrypted) over the network or
can be encrypted using the SSL (Secure Socket Layer) protocol. This Setup page
determines where encryption is used. For each entry, the recorder can be