Password Policy

On the Password Policy page are settings to use to set password requirements. Each field has an info icon that explains its use. Some password policy rules, such as length and complexity, apply when passwords are set. Changes to those rules will take effect the next time a user changes his or her password. Other rules, including minimum and maximum age, only apply when the account is created. To change those, the account must be deleted and recreated.

Minimum password character length cannot be less than six. Eight is the default minimum set.

Maximum Age (the number of days a password is valid until it must be changed) only applies when the account is created. If the default value (90 days) is changed after account creation, existing accounts must be deleted and recreated for the change to apply.

Password Complexity

If enabled, passwords must contain at least one uppercase letter, one lowercase letter, one number, and one other symbol. Additionally, new passwords must contain at least 4 characters that were not present in the previous password, and passwords cannot contain any variation on the user’s username or real name.

Using a character delimiter, such as a colon (:), comma (,), period (.), semi-colon (;), or slashes (\ /) can result in the password not saving correctly.

To change from the default values, move the Status key to the enabled position and then change the default value. A blue toggle indicates an enabled field. When finished, click Stage Changes and then Apply Configuration.