This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Saranya_0305
Participant
Tuesday

Clarification on Login Access and Password Reset After Expiration in Gaia Portal

I have only One user as "admin"

I have configured a Password policy in Gaia Portal with the following parameters.

Password Length:14
Disallow Palindrome : Enabled
Require 3 character types
Histort length :10
Password Expires after :90 days
lock out user after password expirataion : 30 days
Warn Users before :7 days
Deny Access to unused accounts :enabled
Days of non-use before lock-out :30 days
Deny access after failed login attempts: enabled
Block admin user: Disabled
Max number of failed attempts: 5
Allow accessafter this time :300 seconds

I have one doubt like, if I unfortunately didn't notice the password expiration.

Then after 120 days am I able to login to Gaia and CLI or can I have option to change the password?

0 Kudos
4 Replies
G_W_Albrecht
Legend Legend
Legend
Tuesday

As long as this only concerns a GW or Secondary SMS, you can reset the admin password as shown here: https://support.checkpoint.com/results/sk/sk106490

For primary SMS i would suggest a special rescue admin: Define a very good admin password with very long validity and do not give it away to anybody, store it safely. If admin expires, you can use that account to define admin PW again (and delete and redefine rescue admin if you want).

 

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
Lesley
Mentor Mentor
Mentor
Tuesday

Would recommend to make test account and play with that one. Just change the days a bit lower like 2 -3 days if possible. 

-------
If you like this post please give a thumbs up(kudo)! 🙂
0 Kudos
the_rock
Legend
Legend
Tuesday

Its pretty much what you mentioned, but yes, it would depend if you want to lock the user or not. By default, it would warn about password change 7 days before.

Andy

 

Screenshot_1.png

0 Kudos
PhoneBoy
Admin
Admin
Tuesday

According to the above settings:

  • User will be force to change the password after 90 days
  • If the user does not log in after 120 days ("expires" plus "lock out"), then the account will be locked (thus unable to log in)

 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events