Configure Password Format Policy
You can configure users password formats and how to calculate their strength. For security reasons, users passwords should comply with a set of rules.
-
Click Security, then the Password Management tab.
The upper area of the page contains password format policy parameters:
-
Configure the passport format policy.
The possible values for each parameter are summed up in the following table:
Parameter Type Description Recommended value Allow password to contain username Check box If checked, a user's password can contain the user's username. Not checked Allow password to contain first name Check box If checked, a user's password can contain the user's first name. Not checked Allow password to contain last name Check box If checked, a user's password can contain the user's last name. Not checked Minimum length Integer The minimum number of characters in a password. Default = 8. >=8 Minimum number of digits Integer The minimum number of digits that a password should contain. Default = 1. >=1 Minimum number of letters Integer The minimum number of letters a password should contain. Default = 1. >=1 Minimum number of lowercase letters Integer The minimum number of lowercase characters that a password should contain. Default = 1. >=1 Minimum number of uppercase letters Integer The minimum number of uppercase characters that a password should contain. Default = 1 >=1 Minimum number of special characters Integer The minimum number of special characters selected from the list below that a password should contain. Default = 0. 0 Special characters allowed List List of special characters that a password can contain. Choose the required characters from a predefined list. The list contains the following characters:
!#=@[\]^_{|}$%&()*+-
All Note: Once a new password format policy is created, existing passwords will not be checked. - Click Apply.
When an end user fills in the password and confirm password fields, a check list will be displayed containing the configured rules. This check list will be updated dynamically as the end user types to allow the user to see which rules still have to be followed. Registration of the passport is authorized only once all rules have been followed.