Configuring the Password Policy
The following password policy is configured by default:
-
English letters: No restrictions
-
Digits: Enabled
-
Minimum length: 8
- Go to Control Panel > System > Security > Password Policy.
- Optional:
Under Password
Strength, configure any of the following password criteria.
Criteria
Description
English letters
Passwords must contain at least one letter.
Select At least 1 uppercase and 1 lowercase to require at least one uppercase and one lowercase letter.
Digits
Passwords must contain at least one number.
Special characters
Passwords must contain at least one special character.
Must not include characters repeated three or more times consecutively
Repeating characters are not allowed. For example, AAA.
Must not be the same as the associated username, or the username reversed.
The password must not be the same as the username or the reversed username. For example, username: user1 and password: 1resu.
Minimum length
The password length must be greater than or equal to the specified number. Specify a value between 4 and 64 characters.
- Optional:
Require users to periodically
change their passwords.
Important:
Enabling this option disables Disallow the user to change password under user account settings.
- Select Require users to change passwords periodically.
- Specify the maximum number of days that each user password is valid.
- Optional: Select Send a notification email to users a week in advance before their password expires.
- Click Apply.