Password Expiry and other enhancements
Ensures that multiple character classes are included in the password.
Setting to 0
disables this feature.
There are two settings.
-
Automatically expires password after the specified number of days. Setting to
0
disables this feature. Maximum of999
days. -
Warning emails are sent when the last time the password was changed is within a threshold of expiry Setting to
0
disables this feature. Maximum of999
days. Emails are sent on the first day entering the threshold, then every 7 days until one day before expiration, on which a final warning email is sent.
There are two settings.
-
Restrict reusing the last
X
passwords. This cannot be set lower than1
(Redmine default). Maximum of30
. -
Restrict quickly changing passwords to avoid working around the reuse restriction. Setting to
0
disables this feature. Maximum of999
days.
Locks the user account for X
minutes after Y
unsuccessful login attempts. Setting X
to 0
disables this feature.
Maximum X
is 999
minutes.
Maximum Y
is 99
attempts.
There is also the option to send the user an email for each failed login. The user and all admins are always emailed if the account is locked.
Automatically locks registered and active accounts that were not used for the specified number of days.
Setting to 0
disables this feature.
Maximum of 99
days.
As Redmine doesn't have a cron functionality, the tasks are run on the first user login of the day.