14 password never expires, 15 change password at next login, 16 lock / unlock account – Kofax Communication Server 9.1.1 User Manual

Client Applications

Administrato

r‘s Manual Version 9.1.1

©Kofax, Inc.

22/204

Note: To change their own password, users must have general write access to the user
profiles or at least the right to change their own password

Login with old clients is not possible after the password has expired or if it was issued with the
―Change password at next login‖ option.

4.1.14 Password Never Expires

This user right may be set for individual users in the user profiles.

Note: No password expiry check is done for users whose password is not checked at all
because they specify a LAN user ID and have the user right Auto Login enabled.

4.1.15 Change Password at Next Login

Users can be forced to change their password at logon with the user right Change password
at next login. This is independent from the global maximum password age setting and applies
also to those users, that have the Password never expires, flag set in their user profile.

Note: If the user profile is saved with the user right Change password at next login set,
there is no possibility to reset this user right in the user profiles. Before saving the user profile,
TCfW checks the user right Change password at next login and shows a warning, if this
user right was set to Yes.

4.1.16 Lock / Unlock Account

An account gets locked if a certain number of consecutive logon attempts with wrong
passwords are made. A successful logon resets the counter of bad logon attempts (which did
not reach its trigger value in this case). It does not matter how much time passes between the
logon attempts, the counter is not cleared with a timeout.

Locking of an account will be reported by a system error message (with error level 2 =
warning) and an event log entry. The ―account locked‖ flag will be stored permanently in the
user profile.