Subscription Manager: How do I prevent a user in my company, after their password expired, from changing their password to one they already used?

How Can We Help?

< Back
NOTE: This article applies to users that have appropriate administrative access in Subscription Manager. Meaning, you need to have been given access to access the security settings in Subscription Manager.

Scenario:

Changing your password regularly is a good security principle to have. Unfortunately, not all users in a company do this on their own. Thus, software systems are increasingly forcing users to do so by letting their passwords expire after a certain number of days.

When forced to change their password, some users will attempt to use a password that they’ve used before. This behavior may increase the risk of a possible security issue occurring. Because Subscription Manager is acting as the central authentication body, it is important to prevent users from using an old password to some extent.

Solution:

To limit users from using old passwords, log into Subscription Manager and follow the steps below:

  1. Navigate to the Settings page by clicking on the Settings button in the top bar.
  2. Next, you need to set the Password Expiry (days) field, which is the amount of days that a password will stay valid before it expires, and a user is forced to change it.
  3. Specify the number of old passwords that need to be forbidden from being used in the Old Passwords Forbidden (number) box.
  4. Click Save.
Comments are closed.

This is the legacy version of the XMPro Documentation site. For the latest XMPro documentation, please visit documentation.xmpro.com

X