Overview
This article provides information on the essential practices to secure users and their passwords in Kerio Connect.
Process
Here are the primary elements of the Kerio Connect Password Policy.
- Advise users to create strong passwords.
- Require complex passwords (for local users).
- Enable password expiry (for local users).
- Protect against password guessing.
Creating Strong User Passwords
Strong user passwords should be long and complex. The following guidelines may help you in advising your users:
- Passwords should be at least 8 characters long.
- Passwords should contain all of the following:
  - Lowercase letters
  - Uppercase letters
  - Numbers
  - Special characters
- Users should change their passwords often.
Generating Strong Passwords
Kerio Connect can generate strong passwords for your users:
- Go to the Users section.
- Select a user and click Edit.
- On the General tab, click Generate.
- Copy the generated password and give it to the user.
- Click OK.
Requiring Complex Passwords
In Kerio Connect, you can force local users to create strong and complex passwords. Follow the steps in this article on Requesting Complex Passwords for Local Users in Kerio Connect.
Enabling Password Expiry
To secure local user passwords, you can enable password expiration. Once this is set, users are prompted to reset their password at the end of each interval that you define. See the article Enabling Password Expiry for Local Users for more information on the process.
Protecting Against Password Guessing Attacks
Kerio Connect can block IP addresses that are suspected of password guessing attacks. Ten unsuccessful attempts in one minute are treated as suspicious. Refer to the article Configuring Protection Against Password Guesses for more information on how to configure the necessary settings.
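The same threshold (ten unsuccessful attempts in one minute) can be applied when auditing authentication records yourself. The following is an added example, not Kerio Connect code: the `timestamp ip result` line format, the function names and the sample IP addresses are constructed for illustration and do not reflect Kerio Connect's actual log format.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

THRESHOLD = 10                 # unsuccessful attempts, as stated in the article
WINDOW = timedelta(minutes=1)  # within one minute, as stated in the article

def parse_line(line):
    """Parse a constructed 'ISO-timestamp ip result' line (hypothetical format)."""
    ts, ip, result = line.split()
    return datetime.fromisoformat(ts), ip, result

def suspicious_ips(lines, threshold=THRESHOLD, window=WINDOW):
    """Return {ip: time the threshold was first reached}, using a sliding window per IP."""
    recent = defaultdict(deque)  # ip -> timestamps of failures still inside the window
    flagged = {}
    for ts, ip, result in sorted(map(parse_line, lines)):
        if result != "FAIL":
            continue
        q = recent[ip]
        q.append(ts)
        # Drop failures that are a full window or more older than the newest one.
        while ts - q[0] >= window:
            q.popleft()
        if len(q) >= threshold and ip not in flagged:
            flagged[ip] = ts
    return flagged

def sample_log():
    """Constructed sample records using documentation-range IP addresses."""
    base = datetime(2024, 1, 1, 9, 0, 0)
    lines = []
    # Ten failures 5 seconds apart (45 s span): reaches the threshold.
    for i in range(10):
        lines.append(f"{(base + timedelta(seconds=5 * i)).isoformat()} 198.51.100.7 FAIL")
    # Ten failures 20 seconds apart: never ten inside any one-minute window.
    for i in range(10):
        lines.append(f"{(base + timedelta(seconds=20 * i)).isoformat()} 203.0.113.9 FAIL")
    # A user who mistypes twice and then logs in successfully.
    lines += [f"{(base + timedelta(seconds=s)).isoformat()} 192.0.2.4 {r}"
              for s, r in [(0, "FAIL"), (8, "FAIL"), (15, "OK")]]
    return lines

if __name__ == "__main__":
    for ip, when in suspicious_ips(sample_log()).items():
        print(f"{ip} reached {THRESHOLD} failures within one minute at {when}")
```

A slow attempt rate such as the second sample address stays below this threshold, which is why the complexity and expiry settings above still matter alongside IP blocking.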