Administrator Password Expiration Policy

Overview of Password Expiration Policy

To help secure and protect unauthorized access to the Cato Management Application, administrators are required to change their login passwords at least once every 90 days.

E-mail notifications will be sent in advance to all administrator users configured on your account stating that the password of the individual is due to expire. E-mail reminders will be sent both 14 days, and 3 days prior to password expiration.

If a user does not change their password in advance, they will be prompted to reset their password when next logging into the Cato Management application. If a user does not follow the process to reset their password when prompted, they will be unable to login.

An example e-mail notification which would be sent to the user can be seen here:

mceclip0.png

Password Complexity Requirements

To help secure your account further, Cato Networks requires that your Administrator password should follow a minimum security convention:

  • Passwords are case-sensitive

  • Password length is between 8 - 32 characters

  • Passwords must contain at least one each of the following: lower case letter, upper case letter, and a number

Failed Login Policy

If an admin enters the wrong password for the account, this is a failed login. After five failed login attempts, the account for this admin is locked for 30 minutes.

Was this article helpful?

0 comments

Add your comment