Credential policies define the rules for how a credential must be composed, such as the minimum and maximum length of a password or PIN. The credential policies also define the number of times a credential can be used, the number of allowed authentication failures, and the time range during which the credential is valid. You can add new policies, and edit and remove existing policies.
| Field | Description |
|---|---|
| Customer Type Policy | |
| Customer Type | Indicates the type of customer: consumer, merchant, or support agent. |
| Credential Type | Indicates the type of credential: password or PIN. |
| Credential Policy | Defines the rules for how a credential must be composed, such as the minimum and maximum length of a password or PIN. |
| Policy | |
| Name | Defines the name of the policy. |
| Min | Indicates the minimum number of characters for the credentials. |
| Max | Indicates the maximum number of characters allowed for the credentials. |
| Block Size | Indicates the number of consecutive characters or numbers that cannot be used, such as 1234, aaaa, abcd, and so forth. |
| Block Timeout (minutes) | Indicates the number of minutes the account is locked when the block threshold is exceeded. |
| Block Threshold | Indicates the number of unsuccessful log in attempts. |
| Password Retention | Indicates the password history, such as the number of passwords stored and how frequently old passwords can be reused. |
| Expiry (days) | Defines the days before a password must be changed. |
| Temporary Expiry (days) | Defines the number of days the system generated credentials expires. If left blank, temporary credentials uses the defined expiry. |
| Unused (days) | Defines the number of days an unused credential expires. Once expired it cannot be used. |
| Credential Pattern | |
| Regular Expression | Defines a sequence of text characters that specifies a set of strings. Typical expressions are /d+ for digit only credentials. |
| Match | Indicates that the credential must match the regular expression or not. |
| Message Template | Defines the message template key that can be used to inform the customer when this entry fails the new credential. |