Password History

When forced to change their password, some users tend to recycle old passwords. This behavior can compromise that user's password and therefore the security of your repository. To avoid this situation, you can configure Laserfiche to keep track of old passwords and prevent a user from setting his or her password to a password that he or she previously used. The amount of time that Laserfiche will store old passwords is administrator-defined.

Tip: To make sure a user never recycles an old password, set the time period to a very high number. For example, setting the time period to 18,250 days would prevent a user from using the same password within a 50 year period.

To prevent users from recycling old passwords

  1. Start the Laserfiche Administration Console.
  2. In the console tree, expand the desired Laserfiche Server item.
  3. Select the desired Laserfiche repository.
  4. If security has been enabled on the selected repository, log in as any user who has been granted the Manage Repository Configuration privilege.
  5. Expand the ClosedRepository Options item.

  6. Click the Password Policy item.
  7. From the Action menu, click Properties. The Password Policy Properties dialog box will appear. ClosedClick to view screenshot.
  8. On the General tab, select the Enforce password history check box.
  9. In the Number of days before old passwords can be re-used option, set the minimum number of days that must pass before a user can use an old password.
  10. Click OK to save your changes.

To prevent users from recycling old passwords 

  1. Open the web client management page. Sign in as any user who has been granted the Manage Repository Configuration privilege.
  2. Click Users in the left pane.
  3. Click Password Policy, in the upper right above the list of users.
  4. Select Enforce password history.
  5. In the Number of days before old passwords can be re-used option, set the minimum number of days that must pass before a user can use an old password.
  6. Click OK to save your changes.