As an account owner or administrator, you can define the criteria for Treasure Data user passwords. All users of your Treasure Data account must adhere to the set of criteria that you specify. When you change the password criteria, existing users receive notification and will have to update their password if they do not already meet the updated criteria.
Specify the Password Policy
Account owners and Administrators can specify the account password policy from the Admin section of TD Console. Click the Security tab to configure the password policy.
- Minimum Length
- The minimal character length of user passwords. Default: 8
- Specifies how frequently that users must change their password. Specified in days. For example, the value '60 days' means the password must be changed every 60 days. Default: Never
- Saves the value of a specified the number of passwords for a user. User are not allowed to use previous passwords as specified. Default is 6. Example, if you specify the value as '4' then users must create a unique password that does not equal any of the last 4 prior password values.
- Specifies the types of characters that a password must contain. Refer to the following image:
- Maximum Invalid Login Attempts
- The number of incorrect attempts one user is allowed make while attempting to login. When the maximum number is exceeded, the user receives an email that allows them to unlock their profile and attempt to login again. Alternatively, the user can reset their password from the login pane. If the user takes no action, the profile is unlocked 1 hour after the last failed attempt.
- User Session Timeout
- Specifies how long a user can remain in logged in state, while inactive. Default: 24 hours
New accounts are defaulted to the password policy you specify. When you change any password criteria, all users receive an email notification that explains that the security requirements have changed, and that users might have to change their password to meet new criteria. If their current passwords already meet the changed criteria, then users can login without updating their password.
Also, account users receive a notice when their current password expires and must be changed.
You can specify an IP address at the account level. You might want to specify an IP Address when you expect most of your team to use a common IP address to access Treasure Data.