The customer administrator are enabled to define the password requirement for the AT&T GSM app, by defining the policy in AT&T GSMS portal. In order to set the password requirement:

1. Login to the AT&T GSMS.

2. Navigate to: Company Setup > Customer Information > Company AT&T GSM Preference.

3. Select one of the below options for the field 'Require password':

Below is the description of what these options mean to you:

Password Settings Level

Logical Co-Relation

ROOT LEVEL

*Values defined at ROOT level can be modified and affects values that USER level can set

USER LEVEL

1.

Specify the password's minimum length (values can range between 4 - 8; default value being 8).

Specify password's minimum length (values can range between X - 8; default value being 8.

Here X refers to the value defined at the ROOT level. The USER level password length cannot be less than the minimum value defined at ROOT level or in this case 8.

2.

Specify the password's maximum length (values can range between 8 - 24; default value being 24).

Specify password's maximum length (values can range between 8 - Y; default value being 24.

Here Y refers to the value defined at the ROOT level. The USER level password length cannot be more than the maximum value defined at ROOT level or in this case 24.

Support all alphabetic and numeric characters both Uppercase, Lowercase Letters and Special characters.

3.

Specify the minimum number of Lowercase letters allowed in a password (value can range between 1-24; default value being 1).

Specify the minimum number of Lowercase letters allowed in a password (value can range between A- 24; default value being 1).

Here A refers to the value defined at the ROOT level. The USER level password cannot have a minimum lowercase letter count that is less than the value defined at Root level or in this case 1.

4.

Specify the minimum number of Uppercase letters allowed in a password (value can range between 1-24; default value being 1).

Specify the minimum number of Uppercase letters allowed in a password (value can range between B-24; default value being 1).

Here B refers to the value defined at the ROOT level. The USER level password cannot have a minimum uppercase letter count that is less than the value defined at Root level or in this case 1.

5.

Specify the minimum number of Numeric characters allowed in a password (values can range between 1-24; default value being 1).

Specify the minimum number of Numeric characters allowed in a password (values between C-24; default value being 1) where C is value defined at ROOT level.

Here C refers to the value defined at the ROOT level. The USER level password cannot have a minimum Numerical character count that is less than the value defined at ROOT level or more than the maximum numeric count in this case 1.

6.

Specify the minimum number of Special characters allowed in a password (values can range between 1-24; default value being 1).

Specify the minimum number of Special characters allowed in a password (values can range between D-24; default value being 1). where D is value defined at ROOT level.

Here D refers to the value defined at the ROOT level. The USER level password cannot have a minimum Special character count that is less than the value defined at ROOT level or in this case 1.

7.

Order Time-out time in units (unit range as Hours, Minutes or Seconds; default unit being Minutes).

Order Time-out time in units (unit range as F {Hours, Minutes or Seconds; default unit being F).

Here F refers to the unit defined at the ROOT level. USER level can choose one of the three drop-down options. The USER level time-out unit cannot deviate the value set at ROOT level.

For Example:

•If the ROOT level time-out unit is defined in seconds, the USER level time-out unit cannot be defined in minutes or hours and is restricted to only seconds.

•If the ROOT level time-out unit is defined in minutes, the USER level time-out unit cannot be defined in hours and is restricted to only minutes and seconds.

•If the ROOT level time-out unit is defined in hours, the USER level time-out unit can be set to any valid value in hours, minutes or seconds.

8.

Password Timeout Time Unit

Order Time-out numbers are the values that are set for the above "Time-out time in units".

Minimum to maximum Value ranges are:

•Seconds :  1 - 60

•Minutes : 1 - 60

•Hours : 1 - 24

Order Time-out numbers are the values that are set for the above "Time-out time in units".

Value ranges are as follows:

Here E refers to the maximum value set at the ROOT level. Based on the above "Time-out time in units" parameter, the value set at ROOT level affects the value USER level can set.

•If the Order's time-out unit is set as only seconds then the values can range from 1 - E seconds (USER cannot enter a value greater than E in the seconds options. Hours and minutes options is invalid). Based on the ROOT level value set, the USER is given an error message when there is a logical mismatch.

For Example: If the ROOT sets the maximum seconds value range between 1 - 45{E} seconds, the USER level cannot set values below 1 or above 45 seconds. Minutes and hours options become invalid here.

•If the Order's time-out unit is set as only minutes then the values can range from 1 - E minutes (USER cannot enter a value greater than E in the Minutes options, however it is valid to choose any value from 1 - 60 by choosing the seconds option. If choosing the unit as Hours, USER level can set a max value of 1). Based on the ROOT level value set, the USER is given an error message when there is a logical mismatch.

For Example: If the ROOT has set that maximum minutes value range between 1 - 30{E} minutes, the USER level cannot set values below 1 or above 30 minutes but can set the seconds from 1 - 60. Choosing hours options makes 1 as the only options USER level can enter if ROOT level has set the maximum range of Minutes from 1 - 60.

•If the Order's time-out unit is set only as hours then the values can range from 1 - E hours (USER cannot enter a value greater than E in the hours options, however is given the freedom to choose any value from 1 - 60 in both the minutes and seconds drop-down). Based on the ROOT level value set, the USER is given an error message when there is a logical mismatch.

For Example: If the ROOT has set that maximum range of hours allowed as 3 - 15 hours, the USER level cannot set values below 1 or above 15 but can set minutes or seconds from 1 - 60.

9.

Number of Failed password entry attempts allowed (values can range between 1-12, default value being 7).

Number of Failed password entry attempts allowed (values can range between 1-G, default value being G).

Here G refers to the value defined at ROOT level. The number of failed password attempts at USER level cannot be more than the value defined at ROOT level.

For Example: If the value for failed password attempts set at ROOT level is 7, the USER level value for this parameter cannot be less than 7.

10.

Password Expiration

Number of days / months / years after which password expires and a new password must be created. (values can range among days, months and(or) years. Default value being months).

Password expiration (values can range between H- days, months, years, default value being H)

Here H refers to the value defined at ROOT level. USER level can choose one of three options from the drop-down. The unit for this parameter can defined as follows:

•If the ROOT level unit is specified as days, the USER level unit is also limited to days.

•If the ROOT level unit is specified as months, the USER level unit is also limited to months.

•If the ROOT level unit is specified as years, the USER level unit is also limited to years.

11.

Frequency at which the Password expires. Minimum to maximum values ranges are :

•Days : 1 - 365 (default value being 7)

•Months: 1 - 12 (default value being 7)

•Year: 1 - 3 (default value being 1)

Frequency at which the Password expires. Minimum to maximum values ranges are :

•Days : 1 - I

•Months : 1 - I

•Years: 1 - I

Value ranges are as follows:

Here I refers to the value defined at ROOT level. This is the maximum range of values associated to previous "Password Expiry" parameter that can be entered depending on the unit chosen.

•If the password expiry is defined only in days then the values range from 1 - I (USER is allowed to enter a value range between 1 to 365). Based on the ROOT level value set, the USER is given an error message when there is a logical mismatch.

For Example: If the ROOT has set that maximum range of days to be chosen between 1 - 250 days, the USER level cannot set values below 1 or above 250.

•If the password expiry is defined only in months then the values can range from 1 - 12 (USER is allowed to enter a value range between 1 to 12. The days option can also be chosen as unit from the drop-down but the values are restricted equivalent to the number of months that have been set at ROOT level). Based on the ROOT level value set, the USER is given an error message when there is a logical mismatch.

For Example: If the ROOT has set the maximum range of days to be chosen between 1 - 8 months, the USER level cannot set values below 1 or above 8. The days have to be entered accordingly (as per this example, number of days can be chosen from 1 - 243 (considering 1 month is approx. 30.4 days) and Years can be chosen as 1 if the max ROOT level value for Months is 12 (considering 12 Months = 1 Year).

•If the password expiry is defined only in years then the values can range from 1 - X (USER is allowed to enter a value range between 1 to X. The months and days can also be chosen from the drop down but the values are restricted to equivalent months set at the ROOT level). Based on the ROOT level value set, the USER is given an error message when there is a logical mismatch.

For Example: If the ROOT has set that maximum range of years to be chosen between 1 - X days, the USER level cannot set values below 1 or above X. The days can be chosen as X x 365 or months as X x 12.

12.

Checking for previously used passwords during a new password creation (values range between 1-12, default value being 4)

Checking for previously used passwords during a new password creation (values range between J-12, default value being J)

Here J refers to the value defined at ROOT level. The ROOT level has defined a fixed number of checks that needs to be done by the system to make sure that the previous used number (For Example : previous 4) of passwords are not being re-used while creating a new password. The USER level passwords cannot overrule this value that has been set at the ROOT level.

13.

Password logic definition (default logic being: Password length between 8 and 24 characters within which the password must contain at least one lowercase letter, at least one uppercase letter and at least one numeric digit).

Password logic definition (default logic being K).

Here K refers to the logic defined in the ROOT level.

USER level passwords cannot overrule the ROOT level password logic defined.

For Example:

ROOT Level Password Logic: Password length between 8 and 24 characters within which the password must contain at least one lowercase letter, at least one uppercase letter and at least one numeric digit.

USER Level Password Logic: Password cannot be less than 8 and greater than 24 characters. Must match all of the three additional ROOT level criteria:

•At least one lowercase letter

•At least one uppercase letter

•At least one numeric digit

If any one of the above criteria is not met then the USER is restricted from successfully creating a valid new password.