tencent cloud

Feedback

Username-password authentication

Last updated: 2023-12-22 11:42:07

    Scenarios

    Customer Identity and Access Management (CIAM) supports authenticating users with their usernames and passwords.

    Steps

    1. Log in to the CIAM console and select Authentication management -> General authentication source in the left navigation pane.
    2. On the General authentication source page, click Create authentication source.
    img
    
    3. On the Create authentication source page, select Username-password authentication and click Next.
    img
    
    4. On the Create authentication source page, configure the icon, name, attribute, and description of the authentication source, and then click Next.
    Note:
    Authentication source icon: The icon displayed in lists and portals. Click Upload again to change the default icon.
    Authentication source name: A name to identify the authentication source.
    Authentication source attribute: The user attribute used to verify the identities of users during username-password authentication.
    Authentication source description: A brief description of the authentication source.
    img
    
    5. On the Create authentication source page, configure the parameters and click OK to create the authentication source.
    img
    

    Policy configuration parameter description

    Configure password policy
    Select password policy: Specifies the required strength of passwords set by users. 5 password policies are supported. By default, the required strength is strong.
    Password history: Historical passwords. Do not use passwords repeatedly in a short period. The valid range of values is 1-128.
    Password lock
    Password lock: If the password lock is enabled, the number of failed login attempts will be restricted.
    Lockout threshold: This field is required if the password lock is enabled. If a user's failed login attempts exceed the specified limit, the user is locked and cannot log in until they are unlocked. The valid range of values is 1-999.
    Retry period: This field is required if the password lock is enabled. If a user exceeds the lockout threshold within the specified period, the user is locked. The valid range of values is 1-99,999 hours.
    Auto-unlock time: This field is required if the password lock is enabled. The time to wait before a locked user is unlocked. The valid range of values is 1-999,999 minutes.
    Verification code
    Verification code: If verification codes are enabled, when a user exceeds the maximum number of consecutive failed login attempts, verification code-based verification will be automatically enabled.
    Max attempts: This field is required when verification codes are enabled. If a user's failed login attempts exceed the specified limit, verification code-based verification will be enabled for login. The valid range of values is 1-999.
    Note:
    If the password lock is enabled at the same time, we recommend that you set this field to a value smaller than the lockout threshold. Otherwise, a user may be locked before a verification code is triggered.
    Test password strength After configuring a password policy, you can enter a test password to verify whether it meets the password policy.
    img
    
    Contact Us

    Contact our sales team or business advisors to help your business.

    Technical Support

    Open a ticket if you're looking for further assistance. Our Ticket is 7x24 avaliable.

    7x24 Phone Support