Administrator Documentation

Set password policy restrictions

From the Admin Tools menu, click Password Policy.
On the Password Policy page, select any of the following restrictions:
- Password Reuse Policy - Prevents the user from re-using old passwords. You must specify a number of recently used passwords for the system to check.
- Derivation of Password From User Identity Fields - Prevents the user from creating a password containing their username, first, middle, or last name, or org defined ID.
- Password Age Rules - Select a minimum password age to require users wait a certain number of days between password changes. Select a maximum password age to require users change their passwords after a certain number of days has elapsed since their last password change. You can enable the sending of a password expiry reminder email for the maximum password age restriction.
- Password Complexity Rules - Specify password complexity rules by selecting from a set of existing rules (including setting a minimum password length and requiring users include a set number of character classes in their passwords) or creating a validation regular expression.
Click Save.

This is the bullhorn icon used for warnings.

ImportantPassword policy changes only apply to new users or to users who change their passwords after the policy is enforced. Existing passwords are not affected.

To apply the updated policy to existing users, you must reset their passwords. Learn how to reset users passwords to enforce the new policy.