Manage password strength
Advanced password management helps to keep your user access secure. If you’re not using an external service, such as LDAP to manage user passwords, you can instead enable a strong password policy through the internal directory.
On this page:
Configure your password policy
You can select one of three options to configure your password policy. If you don’t wish to alter your password policy, you can keep the default option of No password requirements. For a stronger password policy, you can choose from the other two options.
The strongest password policy is the Custom policy, which lets you configure a number of password requirements, outlined in the table below.
Custom policy options | Description |
|---|---|
Lowercase letters | A password must contain the minimum number of lowercase letters that you specify in this field. More than the minimum is also allowed. |
Uppercase letters | A password must contain the minimum number of uppercase letters that you specify in this field. More than the minimum is also allowed. |
Digits | A password must contain the minimum number of digits that you specify in this field. More than the minimum is also allowed. |
Special characters | A password must contain the minimum number of lowercase letters that you specify in this field. More than the minimum is also allowed. Special characters are all characters that are not letters or digits. |
Mandatory requirements — all | All: A password must meet all four of the listed requirements. At least 3: A password must meet at least three of the listed requirements. At least 2:A password must meet at least two of the listed requirements. At least 1: A password must meet at least one of the listed requirements. |
See the section further down the page for some examples of these custom options.
To configure your password policy, follow the steps below.
Select
, then General configuration._cogAdministration
Under Users & Security on the left, select User Directories.
The User Directories window will display a list of your existing directories.Locate the internal directory you wish to work with.
Hint: check that the column for Type displays Internal.Under Operations on the right, select the Password Policy link.
The Password policy options will be displayed.Select one of the three options, using the information on this page to help you choose what’s the most appropriate.
Select the Save button to save your changes.
Your new password policy will be activated for new users, and for existing users if they change their password.
Note that an existing user with existing password that doesn’t meet your new criteria can keep using that password. They will not be prompted to change it. However, if they decide to change their password, they will be required to meet the new password policy requirements.
Examples of custom options
The table below shows some examples of passwords when the password length is set to 8, and all four rules are set to 2. If only one mandatory requirement is set, as long as the password length rule is met, any password will pass the mandatory requirement. See the bullet points below for some explanations:
qwerty fails because it’s too short.
password contains at least two lowercase letters, so it passes one mandatory requirement.
Qwerty123 contains at least two lowercase letters and two numbers, so it passes two mandatory requirements.
Qwerty123## contains at least two lowercase letters, two numbers, and two symbols, so it passes three mandatory requirements.
Qwerty123##Qwerty meets all four mandatory requirements.
Password | Mandatory requirements — at least 1 | Mandatory requirements — at least 2 | Mandatory requirements — at least 3 | Mandatory requirements — all |
|---|---|---|---|---|
qwerty |
|
|
|
|
1234 |
|
|
|
|
password |
|
|
|
|
Password |
|
|
|
|
qwerty123 |
|
|
|
|
Qwerty123 |
|
|
|
|
Qwerty123## |
|
|
|
|
Qwerty123##Qwerty |
|
|
|
|
