This page details the vales and functions of the Cinchy System Properties table.
System Properties is a table within Cinchy for managing system properties, such as default time zones, system lockout durations, password expirations, password properties, password attempts allowed etc.
The Default of the Systems Properties table is set up as follows (Image 1):
Default Time Zone
Eastern Standard Time
Password Attempts Allowed
System Lockout Duration (minutes)
Minimum Password Length
Password Requires Symbols
Password Requires Numbers
Password Expiration (Days)
Image 1: Default Set Up
Please note that this table is case sensitive.
The System Properties requirements can be changed by an admin user simply by editing the 'Value' columns where applicable:
Users can set their own time zones in their user profile. If a user does not set one up, the system default time zone will take effect. If this property does not exist or is invalid, the default time zone will default to UTC.
The minimum password length is 8 characters. The length will always default to 8 if an invalid value is provided, or if you attempt to set it to less than 8. This number can be changed (i.e. made higher than 8) in the 'Value' column to require users to have longer passwords.
This property specifies whether symbols are required in a user's password. The 'Value' 0 means symbols are not required and 1 means they are required.
This property specifies whether numbers are required in a user's password. The 'Value' 0 means numbers are not required and 1 means they are required.
For a new password policy to take effect, you can set all user's Password Expiration Timestamp to yesterday. They will need to change their password the next time they attempt to log in.
This property specifies how many days until a password expires. This defaults to 90 but can be set to be shorter or longer by changing the number in the 'Value' column.
This property specifies how many bad password attempts a user can make before they are locked out of the system. The default is 3 but this can be set to be more or less attempts by changing the number in the 'Value' column.
This property specifies how long a user is locked out of the system once they've run out of bad password attempts. The default is 15 minutes but this can be set to be shorter or longer by changing the number in the 'Value' column.
Note that an administrator can also go into the 'Users' table to manually unlock a user by clearing the Locked Timestamp.
This is a property, defaulted to 0, that is simply responsible for showing this warning when a data owner is setting up Data Erasure or Data Compression on a table (Image 2). It is the administrator's responsibility to set up a scheduled maintenance job for performing compression and erasure, and then to change the property to 1 so that the warning no longer appears.
Image 2: Data Compression
There is a Cinchy table called Forbidden Passwords. This table comes with a prepopulated list of passwords from https://www.ncsc.gov.uk/static-assets/documents/PwnedPasswordsTop100k.txt
You can add more blocked passwords to this list as well, and users will not be able to set their password to it (this can be used to add your company's name, or to import other blocked password lists). The check against the list is case insensitive.
Like other password policies, this check occurs when your password changes, so to enforce this you will need to set all passwords to be expired.