We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda SSL VPN

What are the options available for configuring passwords in my Barracuda SSL VPN?

  • Type: Knowledgebase
  • Date changed: 8 years ago

Solution #00004367

 

Scope:

This solution applies to all Barracuda SSL VPNs.

 

Answer:

The configuration options for Password authentication can be accessed from Management Console > Access Control > Security Settings > Password Options. There are a number of parameters that should be understood as the Password authentication module is commonly used as the default authentication scheme and tends to be found in most other multi-factored schemes. The configuration parameters are detailed below:

 

  • Max Logon Attempts Before Lock: A value of zero disables this option; the default value is three logon attempts, if after three attempts the account is temporarily locked.
  • Max Locks Attempts before Disable: A value of zero disables this option; the default is three temporary locks, after which the account is permanently locked.
  • Lock Duration: The length of time an account is locked; default value is 300 seconds.
  • Password Pattern: The definition of a password, how passwords should be constructed. Details on Password patterns can be found below.
  • Password Pattern Description: This description is shown to the user when defining a personal password.
  • Days before Expiry Warning: The default value is 21 days, after which the warning will be displayed to the user informing them to change their password, if set to 0 the users will never receive the expiry warning.
  • Maximum Password Age: The default is 28 days, after which the user will be forced to change the password, if set to 0 the users will never be forced to change their password.
  • Minimum Password Age: The default is 0 days, this is the number of days a password must be in effect before it can be changed.
  • Enforce Password History: Specifies the number of passwords that the SSL VPN will hold in memory for users, passwords that are still in memory cannot be used reused until sufficient password changes force the password out of the memory.

Explanation of Password Pattern:

The structure of an account password is based on regular expressions and is defaulted to:

.{5,}

This defines a password with a minimum size of 5 characters. Between the brackets the minimum and maxium number of characters required in the password are specified, to the left of the comma is the minimum number of characters, in this case 5 characters, to the right of the comma the maximum number, the blank entry denotes no maximum number of characters. The period at the beginning of the pattern means to match all the characters.

 

The security function password structure is built around ‘regular expression’ syntax. Any valid expression will be accepted to parse passwords an example is given below:

 

Expression       Meaning

X(n)                  X exactly n number of times

X(n,m)              X between n and m

.[^\s]{n,m}         Any character except white spaces with a length between n-m

\w[n,m]             Word character [a-z,A-Z,_,0-9] between n-m

 

Link to this page:

https://campus.barracuda.com/solution/50160000000Hrn7AAC