WHAT IS NIST? THE COMPLETE GUIDE TO THE NIST CYBERSECURITY FRAMEWORK
Explore this comprehensive guide on how the NIST Cybersecurity Framework can be applied to your organization.
Enhanced Password Options
In conjuction with the new ability to Allow Users Control Panel Access, we have added some Password Options, found on the Users tab. There are three Basic Password Options, that were explained in another blog post and are included with all current hosting plans (Group, Secure, Business & Enterprise).
The following Enhanced Password Options (circled in orange on the screenshot) are available to customers on the Enterprise plan. Please consult FTP Today Sales if you are interested in upgrading to the Enterprise plan to acquire these features.
- Require Strong Passwords- When checked any new or changed passwords for users must meet strong password rules. Those rules will default to 8,1,1,1,0 per the rules below, but you may then edit those rules to suit your own strong password needs:
- Minimum length for passwords - Default = 8.
- Minimum number of upper case - Default = 1.
- Minimum number of lowercase - Default = 1.
- Minimum number of numerals - Default = 1.
- Minimum number of symbols - Default = 0
- Prohibit username within password- This will prevent a user from choosing a password that equals or contains their username. We recommend you enable this.
- Non re-usable password history (days) - Default 0. This is the number of days that the same password cannot be re-used.
- Password expiration (days) - Default 0. The number of days since the last change that a password will expire.
- Password expiration warning (days) - Default 0. The number of days prior to password expiration that the user will receive a warning via email.
- Require initial password change - When checked, you will not have to assign passwords when users are created. Instead, the system will send the user an email requiring them to log in and change their password. The account will be inaccessible via FTP, FTPS, SFTP, etc. until their password is changed. Like the Basic function of forgotten passwords, the link a new user is sent via email will expire based on the Time limit for password reset.
Again, these enhanced passwords features are only available to Enterprise accounts. Please contact if an upgrade is needed.
About Martin Horan
Founder of FTP Today and an expert in secure file transfer and Internet protocols. A software and IT geek since a young age, Martin has successfully led his companies through the digital age by spotting market niches and filling them with quality IT services.