Minimize reset password request expiration duration [Updated in Security Center 1.3]

The password_reset.request.expiry denotes the time period in minutes during which a user must perform the password reset process.

Note: The setting for the password_reset.request.expiry property takes precedence over the setting for glide.pwd_reset.onetime.token.validityproperty that has a 12 hour default.

More information

AttributeDescription
Property name password_reset.request.expiry
Configuration type System Properties (/sys_properties_list.do)
Category Authentication
Purpose Denotes the time period in minutes during which a user must perform the password reset process.
Recommended value Set to an integer of 10 or less. The default value is 10.
Configuration type Integer values
Security risk (Moderate) If the property is not set to the recommended value of 10 or less, then it increases the opportunity for someone else to guess and use the request and attempt to reset the password.
Security risk rating 4.2
References Configure Password Reset properties

To learn more about adding or creating a system property, see Add a system property.