Password Management
The Password Management page allows you to set parameters for passwords, login notifications, and the session timeout.
Note: You need the System Administrator role to configure Tenable Nessus settings. For more information, see Users.
|
Setting |
Default |
Description |
|---|---|---|
| Password Complexity | Off | Determines whether Tenable Nessus passwords must have a minimum of eight characters, and at least three of the following: an upper case letter, a lower case letter, a special character, and a number. |
|
Session Timeout (mins) |
30 | Defines the web session timeout in minutes. Tenable Nessus logs users out automatically if their session is idle for longer than this timeout value. |
|
Max Login Attempts |
5 |
Defines the maximum number of user login attempts allowed by Tenable Nessus before the application locks the account out. Setting this value to 0 disables this feature. |
| Min Password Length | 8 |
Defines the minimum number of characters for passwords of accounts. |
| Login Notifications | Off |
Determines whether Tenable Nessus can see login notifications. Login notifications allow the user to see the last successful login and failed login attempts (date, time, and IP), and if any failed login attempts have occurred since the last successful login. |
Tip: You can configure the password management settings from the nessuscli. For more information, see nessuscli fix --set <password_setting>=<value> in the Nessuscli topic.