Document Type | Technical Information
Category | Administration
Applicable Product Versions | 6FS07, 6FS07PS, 7FS01, 7FS02, 7FS02PS
Document Number | TADTI037
Overview
When using Profiles, confusion sometimes arises regarding the use of password_reuse_time and password_reuse_max related to the number of password reuses. This guide explains how to use them.
Method
PROFILE Creation Statement
CREATE PROFILE profile_name LIMIT failed_login_attempts 3 (Number of allowed login attempts) password_lock_time 1 (Lock time after exceeding error attempts: 1 day) password_life_time 90 (Password expiration period: 90 days) password_reuse_time 365 (Password reuse prohibition period: 365 days) password_reuse_max 10 (Number of prohibited reuse changes: 10 times) password_grace_time 10 (Warning period after expiration) password_verify_function VERIFY_FUNCTION (Validation function);
If issues occur regarding password reuse during password changes, check the values of password_reuse_time and password_reuse_max.
CautionIf either password_reuse_time or password_reuse_max is set to unlimited, the same password can never be used again.(Because time or count is set to infinite, the parameter loses its meaning.)
password_reuse_time 365 (Password Reuse Prohibition Period)
Since it is counted in days, when setting in hours, minutes, or seconds, apply by division.
[Example]
- Change after 1 minute: 1/1440 (1440 = 60 minutes x 24 hours)
- Change immediately after 1 second: 1/86400 (86400 = 60 seconds x 60 minutes x 24 hours)
password_reuse_max 10 (Number of Prohibited Reuse Changes)
Counts by number of times regardless of elapsed time after change.
[Example]
- 1: Set to 1 if you want to return to the previous password after one change.
- 10: Set to 10 if you want to go through 10 different passwords before returning to the previous one.