The framework provides the following features to help secure the passwords in your system:

| Feature | Description |
|---|---|
| Password strength | Ensures that users choose good, strong passwords. To meet the security needs of a particular system, the Password Strength property in the authentication scheme’s Global Password Configuration property sheet lets you customize the password strength requirements for that scheme. |
| Account lockout | Prevents a user from logging in after a specified number of failed login attempts. The UserService provides a way to customize lockout properties. |
| Password expiration | Prevents users from using passwords indefinitely. Password expiration settings are configured using the authentication scheme’s Global Password Configuration property as well as by changing individual user properties. |
| Unique login requirement | When the Allow Concurrent Sessions property on a user record is changed from true (its default) to false, only one person may log in with each set of credentials. This feature increases security by stopping credential sharing: people are forced to use unique accounts. |
| Password history | Prevents a user from choosing a previously used password. Authentication schemes can be configured to remember users’ previously used passwords. |
| Password reset | Ensures that a new user resets the default password and creates a brand new password known only to that user. The password reset feature is also useful for ensuring that a new password policy is enforced for all users. The Force Reset At Next Login property in the user’s property sheet requires a user to change their password. |