Passwords

System administrators can change individual user passwords and configure password requirements for a V‑Spark installation. Users can also change their own passwords.

The administrator-level view of the User Settings screen includes a section to Update Password, where an administrator can change an individual user's password.

This section also contains a Send password reset link button, which sends the user an email with a password reset link to be used in case that password is lost or must be changed.

Configurable Requirements

V‑Spark may be configured to require that user passwords be a certain length, to require that users change their passwords within a certain timeframe, or to disable a user account after a certain number of consecutive failed login attempts. These settings are defined in the system configuration file 02sizing.cfg , they are global to a V‑Spark installation, and they apply to all of its company entities.

Details for these options are described in the following table:

Table 1. Password configuration fields

Name

Values

Notes

min_passwd_len

default 7

-1 or any integer from 1 to 255 (inclusive)

  • Defines the minimum string length of the password.

  • Specifying a value of -1 deactivates the length requirement.

  • Invalid values are ignored, and the default value 7 is used instead.

max_passwd_lifetime

default -1

-1 or any integer from 1 to 9007199254740991 (inclusive)

  • Defines the number of days after which the password must be changed.

  • Default value of -1 deactivates the password age policy.

  • Invalid values are ignored, and the default value -1 is used instead.

max_passwd_failed_attempts

default 6

-1 or any integer from 1 to 2147483647 (inclusive)

  • Defines the maximum number of consecutive failed login attempts a user may perform before the user's account is locked. Exceeding this attempt limit disables the user account, and it cannot be used until it is reactivated by a system administrator.

  • Specifying a value of -1 deactivates the attempt limit.

  • Invalid values are ignored, and the default value 6 is used instead.

Other Requirements

Some password requirements are not configurable and will be active in any V‑Spark installation running version 4.0.2-1 or higher. These requirements include the following:

  • A user may not change the account password to any of the previous four used.

  • Passwords must contain both letters and numbers.

  • A user must provide the current password to change the account's email address.

Policy Enforcement

Users whose passwords don't meet the requirements will be prompted to change their passwords on next login. If password policy criteria change, either because of reconfigured or newly added settings, users will be prompted to change their passwords if those passwords fail to meet policy criteria as a result of those changes. This behavior also applies in the case of upgrades from V‑Spark systems without password policy functionality to a version with these policies active.

Note also that:

  • Password rules are not configurable using the UI; they must be specified in the installation's config file.

  • When users change passwords manually via the GUI, passwords that do not meet the length rule will be rejected.

  • When passwords are set manually or programmatically via the API, passwords that do not meet the length rule will trigger a password change when the user next logs in.