Base Policy

  • Parent policy: N.A.

The following are the configurable default settings of the base policy.

Base Policy—Default parameter settings
Parameter name Default value Description
static_pwd_min_length 8

Minimum Password Length

Sets the minimum length required for the static password.

Possible values: 09999
user_days_inactive 0

Maximum Days Between Authentications

This setting specifies the number of days a user account can remain inactive before it is suspended. If the account has been suspended, the user will not be able to log on. The user will be notified during authentication that the user account has been suspended. By default, a user account expires when no operations have been performed during the last 90 days.

You can reactivate a suspended user account with the Reset Last Authentication Time action in the USERS >User Account tab.

Setting this value to 0 effectively disables this feature. User accounts that are suspended at the time the feature is being disabled will become active again with the next successful user authentication.

Base Policy—Default parameter settings provides an overview of all other default settings. This overview is for reference only – some of these parameters cannot or should not be changed in OneSpan Cloud Authentication.

Base Policy—Default parameter settings
Parameter name Default value
dur No
autolearn No
stored_password_proxy No
assign_mode Neither
assign_search_up_ou_path No
appl_type No Restriction
local_auth None
backend_auth None
group_check_mode No Check
one_step_chal_resp No
one_stek_chal_checkdigit No
backup_vdp_enabled No
pin_change_allowed Yes
challenge_request_method Keyword
primary_vdp_request_method Password
backup_vdp_request_method KeywordPassword
backup_vdp_request_keyword otp
itimewindow 20
stimewindow 20
eventwindow 20
syncwindow 6
ithreshold 0
strhreshold 0
checkchallenge 1
onlinesg 0
create_time yyyy-mm-ddThh:mm:ssZ
modify_time yyyy-mm-ddThh:mm:ssZ
user_lock_threshold 3
offline_auth_enabled No
offline_time_interval 21
offline_max_events 300
dcr No
chg_win_pwd_enabled No
chg_win_pwd_length 16
client_group_mode No Check
second_otp_sync_enabled No
vdp_delivery_method SMS
radius_rep_attr_enabled No
radius_allowed_protocols Any
radius_session_lifetime 3600
radius_session_ticket_lifetime 86400
radius_session_ticket_reuse 48
static_pwd_diff_to_prev 4
static_pwd_min_lower_alpha 1
static_pwd_min_upper_alpha 1
static_pwd_min_number 1
static_pwd_min_symbol 0
staic_pwd_not_userid_based Yes
multi_dp_appl_validation_mode Multiple DIGIPASS Applications Allowed
privileged_users Reject
vdp_sign_delivery_method SMS
vdp_sign_enabled No
dp_expiration_period 0
secure_channel Yes - Permitted
act_msg_validity 365
custom_request_body No
min_app_version 0
secure_chal_req_pin Yes
secure_chal_template_no 0
secure_chal_font_index 0
secure_sign_req_pin Yes
secure_sign_template_no 0
secure_sign_font_index 0
secure_sign_show_response Yes
secure_sign_show_warning No
delayed_activation_period 0
activation_delayed_notification No
activation_completed_notification No
activation_notification_delivery_method SMS
min_lock_duration 30
lock_duration_multiplier 150
max_unlock_tries 0
user_info_sync No
static_pwd_max_age 42
static_pwd_min_age 1
static_pwd_expiration_notification 8
push_notification_request_method KeywordPassword
push_notification_request_keyword push
authuser_max_thread_suspend 30
vdp_challenge_message enter one-time password
push_notification_message_title logon request
push_notification_message_subject authenticate to [servicename]
nested_groups_enabled No