Configuring the Password Policy

Important:

The following password policy is configured by default:

  • English letters: No restrictions

  • Digits: Enabled

  • Minimum length: 8

  1. Go to Control Panel > System > Security > Password Policy.
  2. Optional: Under Password Strength, configure any of the following password criteria.

    Criteria

    Description

    English letters

    Passwords must contain at least one letter.

    Select At least 1 uppercase and 1 lowercase to require at least one uppercase and one lowercase letter.

    Digits

    Passwords must contain at least one number.

    Special characters

    Passwords must contain at least one special character.

    Must not include characters repeated three or more times consecutively

    Repeating characters are not allowed. For example, AAA.

    Must not be the same as the associated username, or the username reversed.

    The password must not be the same as the username or the reversed username. For example, username: user1 and password: 1resu.

    Minimum length

    The password length must be greater than or equal to the specified number. The maximum length of a password is 64 characters.
  3. Optional: Require NAS users to periodically change their passwords.
    Important:

    Enabling this option disables Disallow the user to change password under user account settings.

    1. Select Require users to change passwords periodically.
    2. Specify the maximum number of days that each user password is valid.
    3. Optional: Select Send a notification email to users a week in advance of their password expiring.
  4. Click Apply.
Parent topic: Security