RealPresence Collaboration Server (RMX) 1500/1800/2000/4000 Administrator’s Guide
Polycom®, Inc. 820
Defining Password Change Frequency
The frequency with which a user can change a password is determined by the value of the
MIN_PWD_CHANGE_FREQUENCY_IN_DAYS System Flag. The value of the flag is the number of days
that users must retain a password.
● Possible retention period is between 0 and 7 days. In Ultra Secure Mode the retention period is
between 1 (default) and 7.
● If the System Flag is set to 0, users do not have to change their passwords. The System Flag cannot
be set to 0 when the Collaboration Server is in Ultra Secure Mode.
● If a user attempts to change a password within the time period specified by this flag, an error,
Password change is not allowed before defined min time has passed, is displayed.
An administrator can assign a new password to a user at any time.
Forcing Password Change
When the system is in Ultra Secure Mode the user is forced to change his/her password as follows:
● After modifying the value of the ULTRA_SECURE_MODE System Flag to YES, all Collaboration
Server users are forced to change their Login passwords.
● When an administrator creates a new user, the user is forced to change his/her password on first
Login.
● If an administrator changes a users User ID name, that user is forced to change his/her password on
his/her next Login.
● If a user logs in using his/her old or default password, the Login attempt will fail. An error, User must
change password, is displayed.
● Changes made by the administrator to any of the Strong Password enforcement System Flags
render users’ passwords invalid.
Example: A user is logged in with a fifteen character password. The administrator changes the value of the
MIN_PASSWORD_LENGTH System Flag to 20.
The next time the user tries to log in, he/she is forced to change his/her password to meet the updated
Strong Password requirements.
Temporary User Lockout
When the ULTRA_SECURE_MODE System Flag is set to YES, Temporary User Lockout is implemented
as a defense against Denial of Service Attacks or Brutal Attacks. Such attacks usually take the form of
automated rapid Login attempts with the aim of gaining access to or rendering the target system (any
network entity) unable to respond to users.
If a user tries to log in to the system and the Login is unsuccessful, the user’s next Login attempt only
receives a response from the Collaboration Server after 4 seconds.
User Lockout
User Lockout can be enabled to lock a user out of the system after three consecutive Login failures with
same User Name. The user is disabled and only the administrator can enable the user within the system.
User Lockout is enabled when the USER_LOCKOUT System Flag is set to YES.
If the user tries to login while the account is locked, an error message, Account is disabled, is displayed.
User Lockout is an Audit Event.