Managing password policies

A password policy is a set of rules designed based on your organization's security requirements to enhance computer security by encouraging users to employ strong passwords and use them properly. You can add multiple password policies for the different users and, if required make the changes in existing password policy.

About this task

When you change the password policy, the updates take effect immediately. So next time you reset a user password or when users change their passwords, the passwords must be compliant with the new policy.

Procedure

  1. Log in as administrator on Verify.
  2. Select Security > Password policies.
  3. Click Create policy.
  4. Under general settings section specify Password policy name and Description (optional).
  5. Click Next.
  6. Specify following Password Strength details:
    Parameters Description
    Passwords minimum character length Set the minimum mandatory length for a password. The default minimum mandatory number of characters for a password is eight. Increasing the number of mandatory characters increases the strength of the passwords.
    Require alphabetic character Select Require alphabetic character check box and set the minimum number of alphabetic characters required for a password.
    Require numeric and special characters Select Require numeric and special characters check box and set the minimum number of numeric and special characters for a password.
  7. Click Next.
  8. Specify following Password Security details:
    Parameters Description
    Set maximum password age Select the Set maximum password age check box and set the maximum number of days for password expiration. The default maximum password expiry number is 90 days.
    Set minimum password age Select the Set minimum password age check box and set the minimum age for password expiration. The default minimum password expiry age is 30 hours.
    Disallow reuse of passwords Select the Disallow reuse of passwords check box to prohibit users from reusing the passwords. This will also allow to set the number of attempt after which the user can reuse the password.
    Lock account after failed login Select the Lock account after failed login check box to set the number of attempts allowed for user to login and password lockout duration.
    Number of attempts allowed Set whether a password can be used to authenticate after a specified number of consecutive failed login attempts. You can specify the number of consecutive failed attempts that lock the account. By default minimum 05 number of attempts are allowed.
    Password lockout duration (in minutes) Set the account lockout duration before the next attempt so that another password can be submitted for authentication. The minimum password lockout duration is 10 minutes.
  9. Click Create policy. The new password policy is reflected in the list.
  10. Hover the password policy row to perform following operations:
    1. Click View setting icon to edit the password policy, make necessary changes and click Save changes.
    2. Click Delete icon to permanently remove the respective password policy.

    Note: The password policy can not be deleted if it is assigned to any other identity source such as Cloud Directory.