Kerio Connect administrators can enforce a strong, complex password requirement, enable a password expiration limit, and protect users against password guessing attacks.
Users may not be able to log in to their accounts if a weak (easy) password was chosen. That's why it's recommended to follow best practices for securing Kerio Connect user passwords.
Creating Strong User Passwords
Strong user passwords should be long and complex. The following guidelines may help you in advising your users:
- Passwords should be at least 8 characters long.
- Passwords should contain all of the following:
  - Lowercase letters
  - Uppercase letters
  - Special characters
- Users should change their passwords often.
Generating Strong Passwords
Kerio Connect can generate strong passwords for your users:
- Go to the Users section.
- Select a user and click Edit.
- On the General tab, click Generate.
- Copy the generated password and give it to the user.
- Click OK.
Note: the password change or reset is done without any confirmation message or email.
Requiring Complex Passwords
In Kerio Connect, you can force local users to create strong and complex passwords. Follow the steps in this article on Requesting Complex Passwords for Local Users in Kerio Connect.
Enabling Password Expiry
To secure local user passwords, you can enable password expiration. Once this is set, users are prompted to reset their password at the end of each interval that you define. See this article on Enabling Password Expiry for Local Users to get more information on the process.
User password changes can be tracked using the manual process described in Monitor Password changes.
Protecting Against Password Guessing Attacks
Kerio Connect can block IP addresses that are suspected of password guessing attacks. Three unsuccessful attempts in one minute are treated as suspicious. The timeout resets after 5 minutes. Refer to this article on Login Guessing Protection for more information on how to make the necessary settings.
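The threshold described above, worked through as a sliding-window check over sample login events. This is an added example, not Kerio Connect code: the event format is constructed, `evaluate` is a hypothetical helper, and it assumes the 5-minute timeout means the block on an IP address is lifted 5 minutes after it is triggered.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

MAX_FAILURES = 3                   # from the article: three unsuccessful attempts
WINDOW = timedelta(minutes=1)      # ...in one minute
BLOCK_FOR = timedelta(minutes=5)   # assumed reading of "the timeout resets after 5 minutes"

# Constructed sample events (timestamp, source IP, result); not Kerio Connect's log format.
SAMPLE_EVENTS = """\
2024-05-01T10:00:00 203.0.113.7 FAIL
2024-05-01T10:00:20 203.0.113.7 FAIL
2024-05-01T10:00:30 198.51.100.4 FAIL
2024-05-01T10:00:45 203.0.113.7 FAIL
2024-05-01T10:02:00 203.0.113.7 FAIL
2024-05-01T10:03:10 198.51.100.4 FAIL
2024-05-01T10:05:50 203.0.113.7 OK
2024-05-01T10:06:00 198.51.100.4 FAIL
"""

def evaluate(events_text):
    """Return (blocks, rejected): blocks is a list of (ip, start, end),
    rejected is a list of (ip, timestamp) for attempts made while blocked."""
    failures = defaultdict(deque)  # ip -> timestamps of failures inside the window
    blocked_until = {}             # ip -> end of the current block
    blocks, rejected = [], []
    for line in events_text.splitlines():
        if not line.strip():
            continue
        ts_text, ip, result = line.split()
        ts = datetime.fromisoformat(ts_text)
        if ip in blocked_until:
            if ts < blocked_until[ip]:
                rejected.append((ip, ts))  # refused whatever the credentials
                continue
            del blocked_until[ip]          # block expired, evaluate normally
        if result != "FAIL":
            continue
        window = failures[ip]
        window.append(ts)
        while ts - window[0] >= WINDOW:    # drop failures older than one minute
            window.popleft()
        if len(window) >= MAX_FAILURES:
            blocked_until[ip] = ts + BLOCK_FOR
            blocks.append((ip, ts, ts + BLOCK_FOR))
            window.clear()
    return blocks, rejected
```

On the sample data, 203.0.113.7 is blocked at its third failure within a minute and its next attempt is refused, while 198.51.100.4 never reaches the threshold because its failures are spread across several minutes.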