Subject
This article is intended for administrators who perform initial setup and operational management of HENNGE Access Control.
Purpose
This article explains the settings related to passwords that users enter on the HENNGE Access Control login screen and how to change these settings.
Notes
1. The content of this article is based on the product specifications as of April 2024 and may change without notice in the future.
2. HENNGE Access Control administrator privileges are required for actual screen verification and setting changes.
3. Please refer to the following article for how to access the management screen.
How to Access the HENNGE Access Control Management Screen
4. The settings in this article are set on a tenant basis and cannot be set differently for each user.
Explanation of Settings
Password-related settings for HENNGE Access Control are located in the left menu of the HENNGE Access Control management screen under [System] - [Domain Settings] - [Password Settings].
Password Policy
You can select the password policy for new passwords as follows.
No Restrictions: No specific restrictions are set.
Uppercase/Lowercase/Numbers: Use uppercase letters, lowercase letters, and numbers.
Uppercase/Lowercase/Numbers/Symbols: Use uppercase letters, lowercase letters, numbers, and symbols.
At least 3 of Uppercase/Lowercase/Numbers/Symbols: Use at least 3 of uppercase letters, lowercase letters, numbers, or symbols.
At least 3 of Uppercase/Lowercase/Numbers/Symbols, Username Not Allowed: Use at least 3 of uppercase letters, lowercase letters, numbers, or symbols, without the username.
※1. When setting a new password policy, it is recommended to force a password change for users who have already set their passwords, as the new policy cannot be applied retroactively.
※2. You can use half-width alphanumeric characters and symbols.
※3. The following symbols can be used:
!, ", #, $, %, &, ', (, ), *, +, ,, -, ., /, :, ;, <, =, >, ?, @, [, \, ], ^, _, `, {, |, }, ~
※4. If user information is synchronized from Active Directory, this password policy will not be applied.
※5. When forcing a user to change their password, this password policy will not be applied.
Minimum Password Length
Set the minimum number of characters for user passwords.
The allowable number of characters is from 4 to 256.
Password Policy Display Text
You can set the text displayed on the password change screen.
The text must be less than or equal to 256 characters.
Set Password Expiry
Enabled (Toggle button is blue): Enable settings related to password expiry.
Disabled (Toggle button is gray): Disable all settings related to password expiry and hide subsequent setting items.
※ When disabled, passwords have no expiry.
Password Expiry
Set the password expiration period.
The period can be set from 1 to 366 days.
Also, when the password expiration is less than 7 days, the following message will be displayed at login.
Action on Password Expiry (Advanced Authentication)
Set the action the system will take when a user's password expires.
Do Nothing: Login proceeds as usual.
Show Warning Message: The following screen will be displayed after login.
Force Password Change: The following screen will be displayed after login, forcing the user to change their password.
Lockout (Cannot Login): The following screen will be displayed after login.
Action on Password Expiry (Basic Authentication)
※ This setting applies when using Microsoft 365 integration.
Set the action the system will take when a user's password expires using the Azure Active Directory Ws-Trust authentication method (Legacy authentication) to access.
Do Nothing: Login proceeds as usual.
Lockout (Cannot Login): Users will be unable to log in to HENNGE Access Control using Ws-Trust authentication.
Password Expiry Notification Email (Basic Authentication)
This can be configured when the action on password expiry (basic authentication) is set to "Lockout (Cannot Login)."
This notification email will be sent when a user logs in from 7 days before their password expiration to the expiration date.
The email text can include the following placeholders:
{{%URL%}}: Inserts the URL of the password change page.
{{%USERNAME%}}: Inserts the username.
{{%EXPIREDATE%}}: Inserts the password expiration date.
Set Admin Password Expiry to Unlimited
When enabled, users with HENNGE Access Control administrator privileges will not be prompted to change their password upon login.
Enabled: Admins are not required to change their passwords.
Disabled: Admins are required to change their passwords according to the password-related settings, just like regular users.
Self-Password Reset
Set the scope of enabling the Self-Password Reset feature.
This feature cannot be enabled for users with Active Directory and password synchronization settings.
Always Allow: Enable the use of this feature for all users.
Follow Access Policy Group Settings: Enable the use of this feature only for users belonging to permitted access policy groups.
Never Allow: Disable the use of this feature.
Procedure for Changing Settings
Set each setting value and click the [Save Changes] button in the upper right.