Password Policy Changes
With Session Monitor Release 5.2, changes in password policy have been introduced. Password Policy 1 and 2 present in the Secure password policy system setting are now considered insecure and are no longer available in Release 5.2. Only password policy 3 has been retained and, is the only and default option.
For existing users, if there are any users whose password is encrypted using password policy 1, then Session Monitor does not allow upgrade for such systems.
During the upgrade, a pre-test runs to check if any user has password
encrypted using password policy 1 – the upgrade fails with the
message:
Below users have an insecure password hash created using policy 1
Please change 'Secure password policy' to 3 in the 'System Settings' and change the passwords accordingly...If the above situation arises, then perform the following steps:
- Set the Secure password policy to 3 in the System Settings.
- Manually change the passwords of the users whose names appear in the message.
- Try to upgrade again. This time it should be successful. Post a successful upgrade, System Settings > Secure Password Policy is set to 3.
Savepoint Restore on Session Monitor
Release 5.2 will fail if any user has password encrypted
using password policy 1. Perform the fix as given below:
- Perform Step 1 and Step 2 given above.
- Re-create the Savepoint.
- Try to restore.