Password policy

The Password Policy tab allows you to configure the settings for user passwords in NetSupport ServiceDesk. You can control what type of passwords can be set when the password expires, enforce multi-factor authentication, circumstances for account lockout, set logon failure rate limits and what is written to the security log.

To set password policies

  1. Select the Admin tab and click the Users icon in the toolbar.

  2. In the Tree view, select Defaults.

  3. Select the Password Policy tab.

Password policy

Password Policy

Enables you to control the type of passwords that can be set, when they will expire and enforce multi-factor authentication.

Passwords Never Expire

If checked, the users' password will never expire.

Minimum Password Length

Specify the minimum length of a user's password.

Enforce Complex Passwords

When enabled, passwords must meet the following requirements:

  • Passwords must be at least 8 characters long

  • Passwords must not contain the user's name

  • Passwords must contain at least three of the following:

    • Lower case characters

    • Upper case characters

    • Numeric characters

    • Non-alphanumeric characters

Enforce Password History

If selected, the user cannot change their password to one they have previously used.

Enforce MFA

Multi-factor authentication can be enabled, meaning you can increase security by forcing users to authenticate when they log into NetSupport ServiceDesk.

Note: By default, all companies, departments and users will inherit this setting. You can turn it off at individual levels if required. See Multi-factor authentication for further information.

Account Lockout Policy

The Account Lockout Policy settings allow you to control what happens when users try to access NetSupport ServiceDesk with an invalid password. NetSupport ServiceDesk will automatically lock a user out of the system if they try to access it with an incorrect password.

Account lockout duration

Specify the number of minutes the account remains locked out for.

Account lockout threshold

Specify the number of incorrect logon attempts before the account is locked out.

Reset lockout counter after

Specify the amount of time in minutes that the failed logon attempts are remembered for.

Logon Failure Rate Limits

The Logon Failure Rate Limits settings enable you to configure how many incorrect logon attempts are made over a set period before an IP address is blocked and set how long the IP address is blocked for.

Logon failure period in minutes

Specify the period in which, if the maximum number of invalid logon attempts is exceeded, an IP address is blocked.

Max failed logon attempts

Set the number of invalid logon attempts before an IP address is blocked.

IP ban duration

Specify the number of minutes the IP address is stopped from making a logon attempt for.

Security Audit Log

The Security audit log settings control what information is written to the security log.

Log failed logon attempts

If selected, all failed logon attempts are recorded in the security log.

Log successful logon attempts

If selected, all successful logon attempts are recorded in the security log.