It is possible within rostrvm to increase the security for client users of AdVisor / CallGuide and Manager. If enhanced security is switched on then additional checks are made when the user enters their password whilst logging on to rostrvm.
This section describes:
| • | how to enable enhanced security; |
| • | the additional checks carried out when enabled. |
Enhanced security is not configurable. It is configured through the rostrvm licence key that is provided and used when installing the system for the first time. Enhanced security is therefore either enabled or disabled and cannot be changed by the customer. It can only be changed through the purchase of a new rostrvm licence key.
If enabled, the following additional checks are enforced by rostrvm Manager when creating a new user:
User Ids ...
| • | must be at least 5 characters in length; |
User Passwords ...
| • | must be a minimum of 8 characters in length. |
| • | must contain at least 3 of the following character types: (i) upper case alphabetic; (ii) lower case alphabetic; (iii) numeric; (iv) non alpha/numeric. |
| • | must be forbidden to reuse at least 5 of the most recently used passwords. |
The ability for a rostrvm user to change their own password is also provided by AdVisor. Once they authenticate their current password they can enter a new password that conforms to the complexity and history rules defined above. Users are also sent an instant message when they logon should their password be due to expire within 10 days.
Users that do not use the system for 6 months are deleted from the rostrvm database.