Password policy management
The Password Policy tab in Site Administration enables you to manage the password polices of your site (for on-premises) or customer (for SaaS) users.
Permission
To access the Password Policy tab, you should have the following permissions:
-
On-premises: Site admins
-
SaaS: Site admins or customer admins, or have the User Management > Set User Authentication Policy permission.
Add a policy
Add a password policy and define a custom set of restrictions for the password policy. You can create a policy or copy from an existing policy.
To add a policy:
-
Open the Site Administration > Password Policy tab.
-
Click the add policy button .
Alternatively, you can copy from an existing policy:
-
From the All Policies list, hover over the policy to copy from.
-
Click Clone Policy .
-
-
Enter the policy name and click the check button .
-
Define the restrictions for the policy.
For details about restrictions, see Policy restrictions.
To rename or delete a policy:
-
From the All Policies list, hover over the policy to rename or delete.
-
Click Rename Policy or Delete Policy .
You cannot delete the default policy or any policy that have users associated with it.
Policy restrictions
The following table explains the restrictions you can apply to your password policies.
Restriction On | Details |
---|---|
Alphabetic characters |
The following restriction controls whether a password must contain a minimum number of alphabetic characters. |
Lower case letters |
The following restriction controls whether a password must contain a minimum number of lower-case letters.
Valid values: Enter an integer no less than 1. |
Upper case letters |
The following restriction controls whether a password must contain a minimum number of upper-case letters. Valid values: Enter an integer no less than 1. |
Numeric characters |
The following restriction controls whether a password must contain a minimum number of numeric characters. Valid values: Enter an integer no less than 1. |
Minimal length Maximal length |
The following restriction controls whether a password must be no shorter and no longer than a specific length. Valid values: Enter an integer no less than 8 for the minimum length, and an integer bigger than 8 for the maximum length. |
Unsuccessful login attempts |
Note: When you use both the restrictions at the same time, a user is locked when either of the restriction is reached. |
Similarity to previous passwords |
|
Resetting password |
The following restriction controls:
Valid values: Enter an integer between 1 and 90 (inclusive) for the every <number> days field, and a number between 0 and 90 (inclusive) for the <number> days before field. If you enter 0 for the <number> days before field, it means no notification email is sent to remind the expiry date. |
Frequency of changing password |
The following restriction controls the allowed maximum times of changing passwords within a specific time period. |
Similarity to login name |
|
Similarity to full name |
|
Similarity to email |
|
Repeating same character |
The following restriction controls whether a password can contain a maximum occurrences of the same character: |
Repeating substring |
The following restriction controls whether a password can repeat a string, including:
|
Special characters |
The following restriction controls whether a password must contain a minimum number of special characters: Allowed special characters include $, #, and @. |
Beginning character |
The following restriction controls whether a password must begin with an alphabetic (a to z) or a numeric character (0 to 9). |
Set default policy
The default password policy is assigned automatically to new users.
To set a policy as the default policy:
-
From the All Policies list, select the target policy.
-
Click Set as Default Policy , and click OK in the confirmation dialog box.
The default policy is indicated by the green DEF icon.
Assign a policy
All users are by default assigned the default policy. You can assign a different policy to users globally or individually.
If a user's password does not follow the rules of the policy assigned, the user is prompted to update the password in the next login.
To assign a policy globally:
-
From the All Policies list, select the target policy.
-
Click Assign Policy to All Users , and click OK in the confirmation dialog box.
The policy is assigned to all site users (for on-premises) or all users of the active customer (for SaaS).
To assign a policy individually:
You can assign a policy to users individually by updating the Password Policy field in the user's details.
For details, see Update user details.
See also: