Define SMP SAML Client Password Policy

The application developer must have added enforcement code to the application DataVault to enforce the password policy. The administrator enters the application password policy that is used to unlock the DataVault during application initialization.

The client password policy applies only to the application password that is used to unlock the DataVault during application initialization; it has nothing to do with SAP Mobile Platform security profiles or the back-end security systems with which they integrate. Password policies for back-end security systems are administered by customer information technology departments using their native security administration tools.

To define the SMP SAML password policy:

  1. Login to SMP Management Cockpit and select Applications.
  2. For an application, select Settings, Configure, CLIENT POLICIES.
  3. Select Enable Passcode Policy.
  4. Enter this information:
    Property Default Description
    Expiration Days 0 Number of days a password is valid before it expires.
    Minimum Length 8 Minimum password length required.
    Retry Limit 10 Number of attempts allowed when entering an incorrect password. After this number of attempts, the client is locked out, and the DataVault and all its contents are permanently deleted, the application is permanently unusable, and its encrypted data is inaccessible.
    Minimum Unique Characters 0 Minimum number of unique characters required in the password.
    Lock Timeout 300 Number of seconds the DataVault remains unlocked within the application, while the application remains inactive.
    Default Passcode Allowed Disabled Indicates whether a default password can be generated by the DataVault; from the user's point of view this policy turns off the password.
    Has Digits Disabled Indicates whether the password must include digits.
    Has Lower Disabled Indicates whether the password must include lower case letters.
    Has Upper Disabled Indicates whether the password must include upper case letters.
    Has Special Disabled Indicates whether the password must include special characters.
    Fingerprint Allowed Disabled Indicates whether you can unlock the application with a fingerprint.
  5. Click Save.