IBM Security Privileged Identity Manager, Version 2.0

Password policies

A password policy defines the password strength rules that are used to determine whether a new password is valid.

A password strength rule is a rule to which a password must conform. For example, password strength rules might specify that the minimum number of characters of a password must be 5. The rule might also specify that the maximum number of characters must be 10.

A password policy sets the rules that passwords for a service must meet, such as length and type of characters allowed and disallowed. Additionally, the password policy might specify that an entry is disallowed if the term is in a dictionary of unwanted terms. To select this choice in the user interface, you must first load a dictionary.ldif file into the IBM® Security Privileged Identity Manager.

You can specify the following standards and other rules for passwords: