In cooperation with Comarch ERP Enterprise, Comarch POS supports the feature of extended password policy. The feature makes it possible to specify the allowed number of logon attempts and, in case there are too many unsuccessful attempts, to lock the POS workstation until it is unlocked by a manager (authorized user). New configuration options related to password policy aim to minimize the risk of an unauthorized person’s logging in to the system.
Allowed number of attempts
In the ERP system, it is possible to adjust a parameter specifying the permissible number of unsuccessful logon attempts or password changes; if the number is exceeded, the application will be locked.
On the basis of this parameter, the system controls the number of invalid passwords entered in the context of a given user; the control is performed in the windows displayed in the following cases:
- User logon
- Screen blockade
- Authorization
- Password change
If an invalid password is entered, the application displays the notification: “The password given is invalid. Remaining attempts: x” (where x is the number of specified allowed attempts minus attempts already made).
If the number of unsuccessful logon attempts is exceeded, the application is locked; in such a case, the blockade window needs to be unlocked by an authorized person.
If the user once again enters invalid logon details on this screen, the application blocks the possibility to renew the logon attempt for 2 minutes (a screen timer will count down the remaining blockade time).