Hi All,
Our end users are using M-Files authentication. Is it possible to have a mandatory changing password every month?
Is there a new features that force the user to change their password at the given time?
-Messiah
Hi there,
At this point that's not possible, but M-Files has an open improvement request for the feature.
More precicely, the improvement idea has the following list of requested features:
It should be possible for M-Files user accounts to:
1) Define password complexity (length, minimum amount of numbers, special characters, etc.)
2) Force password change after certain intervals
3) Possibility to prevent users from changing password
4) The last 3 passwords cannot be reused.
5) The new System should be able to alert system administrator for password expiry.
The feature identifier is #5540 - it's been hanging there quite a while.
I've now updated the content of that improvement a bit, and also updated this request details to it.
Hi,
The functionality will be welcome since it is necessary for the application of the safety instructions.
Side note: for enhanced security we recommend using federated authentication with an identity provider such as Azure AD. With these external identity providers you can define password policies and enable further security measures such as multi-factor authentication.
For reference, see the authentication section in Best Practices for Data Security and High Availability in M-Files.