SecurID® Governance & Lifecycle Knowledge Base
Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID Governance & Lifecycle experts.
Article Number
000038330
Applies To
RSA Product Set: RSA Identity Governance & Lifecycle
RSA Version/Condition: 7.1.0, 7.1.1, 7.2.x
RSA Version/Condition: 7.1.0, 7.1.1, 7.2.x
Issue
The Password Management feature in RSA Identity Governance & Lifecycle (Admin > System > Edit > On button next to the Password Management Module) allows password policies to be defined that send emails to users requesting that they change their password based on some event such as an approaching password expiration date or if someone has reset their password for them. The frequency that these emails are sent to users is managed by the password policy being used. This RSA Knowledge Base Article explains how to control the frequency of the emails that are sent to users requesting that they change their password.
Emails requesting that a user change their password may be similar to the following:
Emails requesting that a user change their password may be similar to the following:
Hello <user name>,
Your password on <directory/application> for account <account name> <message>.
Please change your password as soon as possible to avoid denial of service.
These reminders will be sent to you periodically until you change your password.
Thank you.or
Hello <user name>,
Your password on <directory/application has been reset by someone else.
Please change your password as soon as possible to avoid compromise of your account.
These reminders will be sent to you periodically until you change your password.
Thank you.Resolution
The frequency of emails to be sent is defined by the password policy being used.
Password policies are defined under the Requests > Password Management > Password Policies tab. Here a policy can be defined as the default password policy for all business sources or it may be used for specific business sources as defined under the Resources > Directories/Applications > {Directory/Application name} > Password Policy tab.
To control the frequency of password expiration emails:
Image description
Password policies are defined under the Requests > Password Management > Password Policies tab. Here a policy can be defined as the default password policy for all business sources or it may be used for specific business sources as defined under the Resources > Directories/Applications > {Directory/Application name} > Password Policy tab.
To control the frequency of password expiration emails:
- In the user interface go to Requests > Password Management > Password Policies tab
- Click on the Password Policy name.
- Edit the Password Policy.
- The Password Expiration fields are defined as:
Specify the number of days a password is valid before it automatically expires and the number of days before it expires that the system sends an expiration notification email to the user.
- Under Password Expiration choose the number of days before a password expires and the number of days to warn users before their password expires. If the password policy is associated with a specific business source, ensure the expiration policy defined in RSA Identity Governance & Lifecycle matches the policy of the collected data source.
Image descriptionIMPORTANT: It is recommended that these values not be set to '0'. If you define either of these values to '0', emails will be sent every day.
In this article
