Passwords

  • Published on Oct 28, 2025
  • 3 minute(s) read
Prev Next

Threat View allows user authentication with static password. To verify the entries, Threat View retrieves the user credentials from the database. To ensure password security, passwords must comply with the Threat View password strength rules. If a password does not comply, Threat View displays an error message.

Password strength rules

To ensure the password security, Threat View enforces password strength rules. These rules are defined in the default policy which you can access via the application properties.

The default password strength rules are:

  • Minimum length: 14 characters

  • Maximum length: 98 characters

    The maximum length is fixed and cannot be configured.

  • Allowed characters:

    The password must be composed of the following characters:

    • At least one uppercase character (A through Z)

    • At least one lowercase character (a through z)

    • At least one number (from 0 to 9)

    • Special / non-alphanumerical characters: the default strength rules do not prescribe the inclusion of special characters.

In addition to these strength rules, Threat View does not allow passwords that are based on or identical to the user name. This serves to prevent common problems caused by passwords that are identical to the user name (e.g., a user account “admin” with the password “admin”).

Change own password

Regardless of their assigned user role, users can always change their own password when logged in to Threat View. The password must conform to the strength rules.

To change your password

  1. Log in to the Threat View Administration Interface.

  2. Click the My Profile button in the left navigation bar, and select My Profile.

  3. In the Security section, click Edit.

  4. Enter your new password twice, and click Save.

Reset passwords

If a user must reset their password, e.g., because their password was lost or their account has been locked, a new password can be created. The user can log in again to Threat View with this new password but must change it after logging in. There are two different scenarios for resetting passwords:

  1. An Insights Viewer, Account Owner, or one of several User Administrators must reset their password: can be handled by another User Administrator.

  2. The only or the last of several User Administrators must reset their password: the password must be reset by your Support or Operations team.

Always ensure to verify the reason why resetting a user’s password has become necessary.

Scenario A: User Administrator resets password

If a user (regardless of their role) must reset their password, e.g., because they lost it, another Threat View User Administrator can change the password and provide this to the user. The user can then log in to Threat View and change this new password.

Scenario B: Support or Operations resets password to rescue the administrator

If you have only one Threat View User Administrator, or if the last of several Threat View User Administrators must reset their password, e.g. because the passwords were lost, there is no other user who can create a new password. Instead, the password must be reset directly on the Threat View database.

Your Support or Operations team initiates this operation: they need to reconfigure the deployment of the Identity Management service and redeploy it. During the reconfiguration, a recovery flag is set which indicates that an Account Owner account is recreated. The Threat View Identity Management service starts in recovery mode and displays a warning message at startup to indicate that it is running in recovery mode.

The Identity Management service should not run with this flag enabled if no recovery action is required, as the recovery process resets the first User Administrator account!

If the First Administrator account does not exist at all anymore, the Identity Management service recognizes that the recovery flag has been set and create the First Administrator account again during startup. If the account still exists, it will be recovered by resetting the password, resetting the account, and/or - if the account was locked - unlock it. For each of these steps, the Identity Management service produces a DEBUG log message. You can set up alerts in your Threat View infrastructure on these log messages to indicate that the service is running in recover mode, if needed.

In either case, the recovery credentials will be the same as the initial credentials that were created during the setup of your solution. If required, your Support or Operations team can also use other credentials, i.e., credentials that are different from those used for the initial deployment of the Identity Management service.

If required, your Support or Operations team can also create different credentials. After successful recovery, your Support or Operations team reverts the recovery flag and restart the Identity Management service to ensure the service now starts in regular mode and does no longer run in recovery mode.

Once the recovery has been completed, your User Administrator can log in to Threat View again and must change the password again upon this login.