This topic explains how to set system-wide security parameters.
Most global security settings, such as the maximum number of failed login attempts to allow, apply to all Security Analytics users and sessions. Settings related to password expiration, such as password expiration period and the default number of days before user passwords expire, apply to internal Security Analytics users, but not external users.
In addition to specifying the global default user expiration period, you can specify if and when internal Security Analytics users receive notification that their passwords are about to expire. The password expiration notification consists of a one-time email and password expiration messages when they log on to Security Analytics.
Configure Security Settings
- In the Security Analytics menu, select Administration > Security.
The Security view is displayed with the Users tab open.
- Click the Settings tab.
In the Security Settings section, specify values for the fields as described in the following table.
Field Description Lockout Period Number of minutes to lock a user out of Security Analytics after the configured number of failed logins is exceeded. The default value is 20 minutes. Idle Period Number of minutes of inactivity before a session times out. The default value is 60. If the value is 0, the session will not timeout. Session Timeout The maximum duration of a user session before timing out The default value is 600. If the value is 0, there is no maximum time for a session. If the value is a positive integer, the session times out when the configured time has elapsed. The user must log in again. Case Insensitive User Name Select this option if you want the RSA Security Analytics Username field on the login screen to be case insensitive. For example, you could use Admin or admin to log on to Security Analytics. Max Login Failures The maximum number of unsuccessful login attempts before a user is locked out. The default value is 5 Global Default User Password Expiration Period The default number of days before a password expires for all internal Security Analytics users. A value of zero (0) disables password expiration. For upgrades and new installations, the default value is zero (0). Notify User <n> Days Prior to Password Expiry The number of days before the password expiration date, to notify a user that their password is about to expire. Users receive a one-time email on the specified date before their passwords expire. They also see a Password Expiration Message dialog when they log on to Security Analytics.
A value of zero (0) disables automatic password expiration notification. If you set the Global Default User Password Expiration Period to zero (0), users do not receive automatic password expiration notifications.
- Click Apply. The Security Settings take effect immediately. If a password expires, the user receives a prompt to change the password when they log on to Security Analytics.