Complex password policy rules overview
The topic provides information about the complex password policy rules and how the cumulative password rules are displayed in the Identity Manager Service Center.
A password policy defines the password rules that are used to determine whether a new password is valid.
- When a user selects an account, the password policy rules for that account are displayed.
- If user selects multiple accounts, Identity Manager Service Center combines policies for the accounts that user selected and displays the password rules in cumulative format.
- If the password policy associated with an account that user selected contains the complex
password rules selected, then the password requirements also contain the rules that are associated
with the complex password rules. Complex password policy rules contain four categories out of which
three categories must be satisfied for a valid password. Following are the four categories for the
complex password policy.
- Uppercase letter [A-Z]
- Lowercase letter [a-z]
- Number [0-9]
- Nonalphanumeric characters:
~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/
- The cumulative list of password rules is displayed in the Password Requirements section of the Identity Manager Service Center user interface.
There might be password rule conflicts. The first password policy that is associated with an account sets the maximum length to 2 characters. Another password policy that is associated with the selected account enables the password complexity rule. In this scenario, a valid password cannot be created that satisfies both the conditions. That means to create the valid password, the first policy requires maximum 2 characters and another policy with the complex password rule requires minimum 3 characters.