Example: Password Policy Example
The following example is a possible password policy that you can create.
- Valid for 10 days
- Minimum of 10 characters in length
- Maximum of 20 characters in length
- Must have at least two special characters
- User must change default password during initial log in
- Number of passwords to keep in history
Using the preceding example, the user is given a user name and a password by the system administrator. The user logs in using the user name and password provided and is prompted to change the password. If the user fails to provide a password with at least 10 characters, more than 20 characters, or without at least two special characters, the system prompts the user for corrections. Once all conditions set in the password policy are met by the user changing the password, the system saves the new password and allows the user access. Each user account can have only one password policy associated with it, but you can apply one password policy to multiple user accounts.
In addition to the password policy changes in the interface, you can change the number of times that a user can fail to log in correctly before locking the user account of the user that is attempting to log in.
For example, if the number of consecutive log in attempts before failing is set to three, and you type the wrong password three times, you cannot log in using that specific computer. You can log in using any other computer that has access to the system.