Show Contents / Index / Search

Password Pane

Getting there

From the password pane, you can configure both traditional password authentication and keyboard interactive authentication.

Note: Items on this pane can be configured globally or as part of a subconfiguration.

Password authentication

 

Allow

When Password authentication using keyboard interactive is not selected, the server allows only traditional password authentication.

When Password authentication using keyboard interactive is selected, the server allows both traditional password authentication and keyboard interactive authentication.

 

Require

When Password authentication using keyboard interactive is not selected, the server requires traditional password authentication.

When Password authentication using keyboard interactive is selected, the server requires keyboard interactive authentication.

 

Deny

Denies both password authentication and keyboard interactive authentication, regardless of whether Password authentication using keyboard interactive is selected.

Retries

 

Note: When Password authentication using keyboard interactive is not selected, these settings apply to traditional password authentication only; when selected, these settings also apply to keyboard interactive authentication.

 

Number of password attempts

Sets the maximum number of password attempts allowed.

If the client is configured to allow a larger number of attempts, the client user sees the larger number of prompts, but the value specified here sets the actual limit.

If the client is configured to allow a smaller number of attempts, the client sets the actual limit.

 

Delay between tries (seconds)

Sets the number of seconds the server should wait to send an additional password prompt after a client password authentication failure.

Password authentication options

 

Note: When Password authentication using keyboard interactive is not selected, these settings apply to traditional password authentication only; when selected, these settings also apply to keyboard interactive authentication.

 

Permit empty passwords

Specifies whether the server allows password authentication by users with empty (null) passwords.

Note: Empty passwords must also be supported in your Windows Group Policy configuration.

 

Allow password change

Specifies whether users are allowed to change their password during authentication.

Subconfiguration Features

 

Reload inherited settings

Removes subconfiguration-specific values from all settings on this pane. All settings values revert to their current inherited state.

Note: This change is not finalized until you save your configuration using File > Save.

 

non-inherited setting icon (asterisk) (asterisk)

Indicates that the value of a setting is specific to the current subconfiguration. The server always applies the specified value, regardless of any subsequent changes you make to global or inherited settings.

Related Topics

Configure Password User Authentication

Configure Keyboard Interactive User Authentication