System Properties is a table within Cinchy for managing system properties, such as default time zones, system lockout durations, password expirations, password properties, password attempts allowed etc.
The Default of the Systems Properties table is set up as follows:
Please note that this table is case sensitive.
The System Properties requirements can be changed by an admin user simply by editing the 'Value' columns where applicable:
Users can set their own time zones in their user profile. If a user does not set one up, the system default time zone will take effect. If this property does not exist or is invalid, the default time zone will default to UTC.
The minimum password length is 8 characters and it will default to 8 if an invalid value is provided. However, this number can be changed in the 'Value' column to require users to have longer or shorter passwords.
This property specifies whether symbols are required in a user's password. The 'Value' 0 means symbols are not required and 1 means they are required.
This property specifies whether numbers are required in a user's password. The 'Value' 0 means numbers are not required and 1 means they are required.
For a new password policy to take effect, you can set all user's Password Expiration Timestamp to yesterday. They will need to change their password the next time they attempt to log in.
This property specifies how many days until a password expires. Defaults to 90 but can be set to be shorter or longer by changing the number in the 'Value' column.
This property specifies how many bad password attempts a user can make before they are locked out of the system. The default is 3 but this can be set to be more or less attempts by changing the number in the 'Value' column.
This property specifies how long a user is locked out of the system once they've run out of bad password attempts. The default is 15min but this can be set to be shorter or longer by changing the number in the 'Value' column.
Note that an administrator can also go into the 'Users' table to manually unlock a user by clearing the Locked Timestamp.
This is a property, defaulted to 0, that is simply responsible for showing this warning when a data owner is setting up Data Erasure or Data Compression on a table. It is the administrator's responsibility to set up a scheduled maintenance job for performing compression and erasure, and then to change the property to 1 so that the warning no longer appears.
There is a new Cinchy table called Forbidden Passwords. This table comes with a prepopulated list of passwords from https://www.ncsc.gov.uk/static-assets/documents/PwnedPasswordsTop100k.txt
You can add more blocked passwords to this list as well, and users will not be able to set their password to it (this can be used to add your company's name, or to import other blocked password lists). The check against the list is case insensitive.
Like other password policies, this check occurs when your password changes, so to enforce this you will need to set all passwords to be expired.
Property ID
Name
Value (Default)
2
Default Time Zone
Eastern Standard Time
12
Password Attempts Allowed
3
13
System Lockout Duration (minutes)
15
8
Minimum Password Length
8
9
Password Requires Symbols
1
10
Password Requires Numbers
1
11
Password Expiration (Days)
90
15
Maintenance Enabled
0