The Internal IDMS stores the user passwords in the database using the bcrypt package with the salt value from the master key that was added during the cloudtamer.io initial configuration. You can specify an optional MFA requirement, the number of days before the password expires, and whether to lock user login after consecutive failures. The number of failed login attempts and the duration of the lockout are both configurable to meet your organization’s desired specifications.
To add a new Internal IDMS:
- Select Users > Identity Management Systems.
- Click Add New.
- In the Select an IDMs type drop-down menu, select Internal.
- In the Name field, enter a name to describe the IDMS.
- In the Select MFA drop-down menu, choose an MFA to enforce. This is optional.
- In the Password Expiration field, specify the number of days passwords remain valid before users are forced to change them. A value of 0 disables password expiration.
- Optionally, toggle on the Lock User Login After Consecutive Failures field to reveal options to control failed user login attempts. In Number of Consecutive Failures Before Lockout, enter the number of failures you'll allow. To let users attempt logging in again once a set period of time has elapsed, toggle on the Enable Login After Duration field and enter the number of minutes in Lockout Duration in Minutes.
- Click Create IDMS.
You can now create users and associate them with the IDMS.
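The following added example (not cloudtamer.io code) models how the expiration and lockout settings from the steps above interact, so you can reason about a policy before applying it. The class and field names are hypothetical, and two behaviors are assumptions: a successful login resets the failure counter, and a lockout with no duration lasts until an administrator intervenes.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

@dataclass
class IdmsPolicy:  # hypothetical names mirroring the form fields on this page
    password_expiration_days: int = 0          # 0 disables expiration
    lock_after_failures: bool = False
    failures_before_lockout: int = 0
    enable_login_after_duration: bool = False
    lockout_duration_minutes: int = 0

@dataclass
class UserState:
    password_changed: datetime
    consecutive_failures: int = 0
    locked_at: Optional[datetime] = None

def password_expired(p, u, now):
    if p.password_expiration_days == 0:
        return False
    return now >= u.password_changed + timedelta(days=p.password_expiration_days)

def is_locked(p, u, now):
    if u.locked_at is None:
        return False
    if p.enable_login_after_duration:
        return now < u.locked_at + timedelta(minutes=p.lockout_duration_minutes)
    return True  # assumed: stays locked until an administrator intervenes

def attempt_login(p, u, password_ok, now):
    """Return 'locked', 'denied', 'expired' or 'ok' and update the user state."""
    if is_locked(p, u, now):
        return "locked"  # the password is not even evaluated while locked
    if u.locked_at is not None:  # lockout window has elapsed: count afresh
        u.locked_at, u.consecutive_failures = None, 0
    if not password_ok:
        u.consecutive_failures += 1
        if p.lock_after_failures and u.consecutive_failures >= p.failures_before_lockout:
            u.locked_at = now
        return "denied"
    u.consecutive_failures = 0  # assumed: success resets the counter
    return "expired" if password_expired(p, u, now) else "ok"

def simulate(p, events, start):
    """events: constructed (minutes_after_start, password_ok) pairs."""
    u = UserState(password_changed=start)
    return [attempt_login(p, u, ok, start + timedelta(minutes=m)) for m, ok in events]
```
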