Technical data
14 Managing Security
14-62 Administration Guide
Table 14-20 Password Protection Attributes
Attribute Description
Minimum Password Length Number of characters required in a password.
Passwords must contain a minimum of 8
characters. The default is 8.
Lockout Enabled Requests the locking of a user account after
invalid attempts to log in to that account exceed
the specified Lockout Threshold. By default, this
attribute is enabled.
Lockout Threshold Number of failed password entries for a user that
can be tried to log in to a user account before that
account is locked. Any subsequent attempts to
access the account (even if the username/password
combination is correct) raise a Security exception;
the account remains locked until it is explicitly
unlocked by the system administrator or another
login attempt is made after the lockout duration
period ends. Invalid login attempts must be made
within a span defined by the
Lockout Reset
Duration
attribute. The default is 5.
Lockout Duration Number of minutes that a user’s account remains
inaccessible after being locked in response to
several invalid login attempts within the amount of
time specified by the
Lockout Reset
Duration
attribute. In order to unlock a user
account, you need to have the
unlockuser
permission for the
weblogic.passwordpolicy. The default is
30 minutes.