- 16 Oct 2024
- 1 Minute to read
- DarkLight
Base Policy
- Updated on 16 Oct 2024
- 1 Minute to read
- DarkLight
Parent policy: N.A.
The following are the configurable default settings of the base policy.
Base Policy—Default parameter settings | ||
Parameter name | Default value | Description |
---|---|---|
static_pwd_min_length | 8 | Minimum Password Length Sets the minimum length required for the static password. Possible values: 0–9999 |
user_days_inactive | 0 | Maximum Days Between Authentications This setting specifies the number of days a user account can remain inactive before it is suspended. If the account has been suspended, the user will not be able to log on. The user will be notified during authentication that the user account has been suspended. By default, a user account expires when no operations have been performed during the last 90 days. You can reactivate a suspended user account with the Reset Last Authentication Time action in the USERS >User Account tab. Setting this value to 0 effectively disables this feature. User accounts that are suspended at the time the feature is being disabled will become active again with the next successful user authentication. |
Base Policy—Default parameter settings provides an overview of all other default settings. This overview is for reference only – some of these parameters cannot or should not be changed in OneSpan Cloud Authentication.
Parameter name | Default value |
---|---|
dur | No |
autolearn | No |
stored_password_proxy | No |
assign_mode | Neither |
assign_search_up_ou_path | No |
appl_type | No Restriction |
local_auth | None |
backend_auth | None |
group_check_mode | No Check |
one_step_chal_resp | No |
one_stek_chal_checkdigit | No |
backup_vdp_enabled | No |
pin_change_allowed | Yes |
challenge_request_method | Keyword |
primary_vdp_request_method | Password |
backup_vdp_request_method | KeywordPassword |
backup_vdp_request_keyword | otp |
itimewindow | 20 |
stimewindow | 20 |
eventwindow | 20 |
syncwindow | 6 |
ithreshold | 0 |
strhreshold | 0 |
checkchallenge | 1 |
onlinesg | 0 |
create_time | yyyy-mm-ddThh:mm:ssZ |
modify_time | yyyy-mm-ddThh:mm:ssZ |
user_lock_threshold | 3 |
offline_auth_enabled | No |
offline_time_interval | 21 |
offline_max_events | 300 |
dcr | No |
chg_win_pwd_enabled | No |
chg_win_pwd_length | 16 |
client_group_mode | No Check |
second_otp_sync_enabled | No |
vdp_delivery_method | SMS |
radius_rep_attr_enabled | No |
radius_allowed_protocols | Any |
radius_session_lifetime | 3600 |
radius_session_ticket_lifetime | 86400 |
radius_session_ticket_reuse | 48 |
static_pwd_diff_to_prev | 4 |
static_pwd_min_lower_alpha | 1 |
static_pwd_min_upper_alpha | 1 |
static_pwd_min_number | 1 |
static_pwd_min_symbol | 0 |
staic_pwd_not_userid_based | Yes |
multi_dp_appl_validation_mode | Multiple DIGIPASS Applications Allowed |
privileged_users | Reject |
vdp_sign_delivery_method | SMS |
vdp_sign_enabled | No |
dp_expiration_period | 0 |
secure_channel | Yes - Permitted |
act_msg_validity | 365 |
custom_request_body | No |
min_app_version | 0 |
secure_chal_req_pin | Yes |
secure_chal_template_no | 0 |
secure_chal_font_index | 0 |
secure_sign_req_pin | Yes |
secure_sign_template_no | 0 |
secure_sign_font_index | 0 |
secure_sign_show_response | Yes |
secure_sign_show_warning | No |
delayed_activation_period | 0 |
activation_delayed_notification | No |
activation_completed_notification | No |
activation_notification_delivery_method | SMS |
min_lock_duration | 30 |
lock_duration_multiplier | 150 |
max_unlock_tries | 0 |
user_info_sync | No |
static_pwd_max_age | 42 |
static_pwd_min_age | 1 |
static_pwd_expiration_notification | 8 |
push_notification_request_method | KeywordPassword |
push_notification_request_keyword | push |
authuser_max_thread_suspend | 30 |
vdp_challenge_message | enter one-time password |
push_notification_message_title | logon request |
push_notification_message_subject | authenticate to [servicename] |
nested_groups_enabled | No |