Valid password modes
There are two different cases in which the user of Cryptshare must choose from the permitted password modes.
- QUICK is disabled
Sets the permitted password procedures for performing a transfer.
- QUICK is activated
This is a transfer that is also used to activate a QUICK connection to the selected recipients.
It is possible to define different combinations of password modes, which are available to the user depending on the option selected above. In principle, for each option at least one valid password modes must be selected.
This option allows your users to send a transfer without having to deal with a password. Cryptshare still generates a secure password in the background and uses it to encrypt the transfer. But the password will be sent to the recipient in plain text as part of the download link in the notification email. So security is significantly lower. Anybody who gets access to the notification email in transit or in the recipient's mailbox will have access to the files without first having to contact the sender for a password. The level of encryption and protection on the Cryptshare Server is identical to transfers with auto-generated or manually created passwords.
This option allows the user to set a password manually. You can specify how secure the password has to be by defining which characteristics the password needs to fulfill.
This option will generate a secure password fulfilling all the requirements that you have set. The password will be shown to the user who can then copy it to the clipboard.
QUICK Mode Settings
This option determines which initial setting should apply to the transfer.
Activated: Activate this option if you want QUICK Mode to be activated by default.
Enabled if established: Activate this option if you want to activate the QUICK mode when all selected recipients already have a configured QUICK connection.
Deactivated: Activate this option if you want QUICK mode to be switched off by default.
QUICK mode changeable
Activate this option if the user should be able to change the state defined in QUICK Mode.
Security Requirements for passwords
Passwords must contain numbers
Enable this setting to force ciphers within the password.
Passwords must contain alphabetical characters
Enable this setting to force alphabetical characters within the password.
Passwords must contain special characters
Enable this setting to force special characters within the password.
Passwords must be upper and lower case
Enable this setting to force upper- and lowercase letters within the password
Passwords may not be common words
Enable this setting to countercheck the password, or parts of the password with a dictionary to force users not to use common words in the password.
The dictionary consists of English and German words and is applied independently from the language selected in the User Interface.
Customizing the dictionary
You can edit the dictionary and add or remove words which will be rejected as passwords. When adding a new word to the dictionary, please make sure to insert it into the correct line as Cryptshare expects the list to be sorted lexicographically (though capitalization is ignored). Be aware that the password check only considers words with a minimum length of four letters.
Windows: %programfiles(x86)%\befine solutions AG\Cryptshare-3\resources\lang\dict\words.lst
Character repetitions or character sequences are not allowed
Enable this setting to deny the use of character repetitions or sequences within the password. This applies to the following patterns:
|Keyboard Sequences||qwert, asdfg, etc.|
|Alphabetical Sequences||abc, xyz. etc.|
|Numeric Sequences||123 etc.|
|Character Repetitions||aaa, zzz, 111 etc.|
The patterns mentioned above are recognized as such beginning with a length of three characters.
Minimum/Maximum Password Length
Forces users to use a minimum/maximum number of characters for the password.
Effects on password generation
The minimum length also determines the length of the automatically generated passwords.
During password generation, compliance with the activated password rules (see above) takes precedence over the length specifications (minimum/maximum). This means, for example, if numbers, special characters, lowercase letters and uppercase letters are required, the generated password is at least four characters long, even if the maximum password length is smaller.
Whitespaces within passwords
This setting generally applies and is not visible in the Administration Interface. It forces the users not to use whitespaces within the password, such as 'tab', 'blank space' etc.
Blacklist Characters/Invalid Characters
Characters in this field will not be allowed independently of what has been configured above. If a user enters a password containing one of these characters, the password will not be accepted.
Only for automatically generated passwords
If this option is enabled the blacklist character list will not be taken into consideration for passwords entered manually. Only passwords generated automatically will be affected. This means, that automatically generated passwords won't contain any of the specified characters.
Please use this feature only if you are using the web frontend only.
Do not use this feature if you using any of our email integration products or APIs as this may currently lead to passwords being created or entered which are not accepted by the server. Future versions of our email integration add-ins, Robot and APIs will be able to work with the blacklisted characters correctly.
- No labels