NetX provides several security layers and various configuration options to meet modern security requirements.
Session key configuration
When users successfully log in to NetX, they are provided with a session key to access data within the application. By default, user session keys are valid for 30 minutes; that duration is extended as long as the session key is being used to make calls back to the server. Administrators can modify this behavior to meet security requirements with the following properties:
Property | Description |
---|---|
user.sessionDuration | This property controls the time in minutes that the internal session keys remain valid. Please only change this value if you know what you are doing as it can affect the security of your installation. The default timeout is 30 minutes. Value options: number. Requires restart? Yes |
Login attempt restrictions
By default, accounts are locked after 10 failed login attempts, and locked accounts remain locked for 30 minutes. Both values can be adjusted with the following properties:
Property | Description |
---|---|
user.failedLoginAttemptThreshold | Any integer value is valid; setting this to zero will disable any login failure attempt blocking. Value options: number. Requires restart? Yes |
user.failedLoginAttemptTimeout | Any positive, non-zero integer value is valid; measured in minutes. Value options: number. Requires restart? Yes |
Additionally, any login attempt against a non-existent account is automatically locked, to thwart brute-force attacks.
Strict passwords
NetX has several password complexity options. By default, passwords must be at least 8 characters in length. Changing password restriction settings will not affect existing users until they (or an administrator) attempt the next password change on the account. The following properties can tighten security further:
Property | Description |
---|---|
sys.minimumPasswordLength | This property sets the minimum length required for passwords; the default value is 8 (characters). Value options: number. Requires restart? No |
sys.passwordPattern | The value is a comma-separated list of entries, each made up of a number followed by a letter. The number designates how many characters of that type are required, and the letter designates the type of character. As an example, a valid value is: "2N,3U,2L"; this would require two numbers, three upper case, and two lower case characters in every password. The following are considered "special characters": ! @ # $ % ^ & * ( ) + = _ - { } ? : ; < > . \| [ Value options: Requires restart? Yes |
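The following is an added example, not NetX code: a pre-flight check that parses a sys.passwordPattern value in the "2N,3U,2L" format described above and tests a candidate password against it and the minimum length. It assumes ASCII character classes, handles only the N, U and L letters named on this page, and uses hypothetical function names.

```python
import string

# Classes named on the page: N = number, U = upper case, L = lower case.
# Assumption: ASCII only. The letter for "special characters" is not shown
# on the page, so this sketch rejects any other letter.
CLASSES = {
    "N": set(string.digits),
    "U": set(string.ascii_uppercase),
    "L": set(string.ascii_lowercase),
}


def parse_pattern(pattern):
    """Parse a value such as "2N,3U,2L" into {"N": 2, "U": 3, "L": 2}."""
    required = {}
    for token in pattern.split(","):
        count, letter = token[:-1], token[-1:]
        if not (count.isascii() and count.isdigit()):
            raise ValueError(f"malformed entry: {token!r}")
        if letter not in CLASSES:
            raise ValueError(f"unknown character class in {token!r}")
        if letter in required:
            raise ValueError(f"duplicate character class in {token!r}")
        required[letter] = int(count)
    return required


def check_password(password, pattern, min_length=8):
    """Return the unmet requirements; an empty list means the password passes."""
    problems = []
    if len(password) < min_length:
        problems.append(f"length {len(password)} < {min_length}")
    for letter, need in parse_pattern(pattern).items():
        have = sum(1 for ch in password if ch in CLASSES[letter])
        if have < need:
            problems.append(f"{letter}: have {have}, need {need}")
    return problems


if __name__ == "__main__":
    # Constructed sample passwords, checked against the page's example pattern.
    for candidate in ("Ab1", "ABCde12x", "abcdefgh"):
        print(candidate, check_password(candidate, "2N,3U,2L"))
```

Running it against a proposed pattern before editing the property catches malformed entries early, since a change to sys.passwordPattern only takes effect after a restart.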
NetX password security features
- Password length, a minimum of 8 characters.
- Password complexity includes the use of alpha, numeric and special characters.
- Maximum invalid account login attempts: 1
- Account lockout thresholds: 10
- Inactive session timeout: 30 minutes
- Passwords are encrypted while in transit using standard cryptographic methods: SSL.
- Passwords are encrypted or hashed in storage using standard cryptographic methods: PBKDF2.