Views:

Some policies have controls to set a range of policy values, such as the minimum and maximum length for a password.

An example of editing policies with ranges is the Failed Login Attempts Allowed policy. Failed Login Attempts Allowed controls whether a device locks when a user exceeds the number of failed authentication attempts allowed.

Figure 1. Policy with Ranges Window

Using the parameters defined in the Policy Range fields, indicate the number of failed authentication attempts allowed per user in the Policy Value field.

  1. Right-click the policy to be modified and then click Properties.
  2. In the Minimum field, specify the lowest number of unsuccessful authentication attempts allowed by a user in this group before locking the device.
    Note:

    The minimum and maximum values for the policy range can be the same as the parent's range, or they can be modified with unique values. It is not possible to extend the minimum and maximum values.

  3. In the Maximum field, specify the highest number of authentication attempts that can be made by a user in this group before authentication fails and the device is locked.
  4. In the Policy Value field, specify the number of failed authentication attempts allowed for a user in this group before the device is locked.
  5. Click OK to save changes.

    The policy change is activated once the Endpoint Encryption agent synchronizes with PolicyServer.

Parent topic: Policy Overview