MithiDocs

Secure Vaultastic account access using Password Policies

Note: From the release of Vaultastic Version 4 (V4), users of a Vaultastic domain are called vaults.  If your domain is hosted on Vaultastic Version 3, substitute "vault" with "user" when referring to the instructions in this document. 

Overview

Using the Vaultastic Application, you can apply password policies for your Vaultastic domain. 

Password complexity and length

The password complexity and length can be set for your Vaultastic domain. To do so, follow the steps mentioned below.

  1. Log in to the Vaultastic application using Vault ID with the admin rights 
  2. Navigate to Admin Panel > Vaultastic Domain > Password Policies

  3. Choose the Password Complexity for your domain. The available levels and their descriptions are 
    • MoreComplex:
      • Should have minimum eight and maximum thirty characters
      • at least one digit
      • at least one uppercase alphabet
      • at least one lowercase alphabet
      • at least one special symbol
    • Complex:
      • Should have minimum eight and maximum thirty characters
      • at least one digit
      • at least one alphabet
      • at least one special symbol
    • Simple:
      • Should have minimum eight and maximum thirty characters

Password Depth

The password depth (history) is the number of previous passwords maintained by the system. When vault's password is reset, the system will check whether the new password is one of the previous passwords. If it is found in the history, then the system will instruct to set another password.

To configure the password depth your domain,

  1. Log in to the Vaultastic application using Vault ID with the admin rights 
  2. Navigate to Admin Panel > Vaultastic Domain > Password Policies
  3. In the Depth box, to set the number of passwords to be stored in history.
  4. If the number of passwords to be stored as history is 1, the system will restrict to set a different password than the current one.

Password Expiry

The password expiry feature enables the administrator to force change vault's password regularly. When the password expires, access to the account is blocked, thereby forcing to reset vault's password.

  • To configure your the password policy for the domain,
  1. Log in to the Vaultastic application using Vault ID with the admin rights 
  2. Navigate to Admin Panel > Vaultastic Domain > Password Policies
  3. Toggle the Expiry switch to enable or disable the property. 
  • To configure the password policy of a vault,
  1. Log in to the Vaultastic application using Vault ID with the admin rights 
  2. Navigate to the Admin Panel > Vaults 
  3. In the right pane,
    • ‚ÄčExpand the Authentication section (If you are using Vaultastic V4)
    • Expand the Security section (If you are using Vaultastic V3)
  4. Toggle the Password Expiry switch to enable or disable the property. 
  5. Mention the Password Age in the number of days for which the password is valid after the last password change.

Forgot Password App

The Forgot password app allows you to reset vault passwords if forgotten.

To enable the forgot password link on the login page,

  1. Log in to the Vaultastic application using Vault ID with the admin rights
  2. Navigate to Admin Panel > Vaultastic Domain Password Policies
  3. Toggle the Forgot Password App switch