Managing Password Policies

Set the minimum and maximum password lengths. By default, a password must contain 8 to 18 characters. The minimum and maximum password lengths range from 8 to 50 characters.

Set the types of characters that a password must contain. For example, a password must contain at least three types of the following: digits, uppercase letters, lowercase letters, and special characters.

The following special characters are supported: ~!#$%&+-,*:;<=>@_?^`./

Configure whether to allow consecutive identical characters in a password and how many such characters are allowed. By default, a password cannot contain consecutive identical characters. If you enable this option, set the maximum of consecutive identical characters allowed from 1 to 10. Value 1 indicates that consecutive identical characters are not allowed in a password.

Configure whether to allow user information in a password. By default, this option is disabled. If you enable this option, the password of a user cannot contain the username, mobile number, or email prefix of the user.

Configure whether to check weak passwords. If you enable this option, passwords included in the weak password list are not allowed.

Set the number of unsuccessful login attempts to lock users out if the number is reached during login. The value ranges from 1 to 10, and the default value is 10.

If the number of login failures exceeds the threshold, the sliding verification code is enabled. The threshold is automatically calculated as one-third of the number for locking an account.

Set a duration to unlock users after users are locked out. The value ranges from 1 to 1440 minutes, and the default value is 3 minutes.

Configure whether the password of a user can be the username spelled backwards. By default, this option is disabled. If you enable this option, the password of a user cannot be the username spelled backwards.

Configure whether to allow a password to be a historical password. By default, this option is disabled. If you enable this option, the password of a user cannot be one of the specified number of historical passwords. The value ranges from 1 to 10, and the default value is 5. For example, value 3 indicates that a user cannot set the last three passwords that the user has previously used, when the user sets the new password.

Configure whether to prompt users to change their passwords when the passwords are about to expire. By default, this option is disabled. If you enable this option, users will be prompted to change their passwords when the passwords will expire in a specific number of days. After the passwords expire, users will be required to change their passwords when they log in to the user portal. The default password validity period is 120 days. Set a validity period greater than or equal to 1 day. The default number of days for prompting password change is 5 days. Set a number greater than or equal to 1 and less than or equal to the password validity period.

The password expiration setting keeps user accounts secure.

To enable this function, you need to add valid contact information of the user. Otherwise, the user cannot be notified. After the function is enabled, you can choose to automatically generate a password.

Notifications can be sent by email or SMS message. For email notifications, you need to configure the email gateway first by referring to Email Gateway. If both email and SMS are selected, the system preferentially sends notifications to users by email.

A maximum of seven days can be set.