Configure the password policy
Use the Password Policy page to configure your user-password policy to meet your organization’s security requirements.
Field descriptions
NOTE These settings apply only to passwords managed by Workforce Optimization. Passwords handled by an external identity provider (IdP) via single sign-on adhere to that IdP’s unique password policy.
Field | Description |
---|---|
Minimum password length |
The minimum number of characters a user’s password must be for your organization. The Workforce Optimization minimum password length is eight characters. Default value = 8. |
Prevent reuse of the last ___ passwords |
Select this check box to prevent users from setting a password that matches any of a specified number of previous passwords. Default value = 5 |
Require new password after ___ days |
Select this check box to require users to set a new password after a specified number of days. You are notified upon login if your password is set to expire within seven days. If your password expires, you must set a new password the next time you log in. Default value = 90. NOTE If you shorten the expiration period, you can cause existing passwords to expire. For example, if you shorten the expiration period from 90 days to 60 days, passwords that are older than the new 60-day limit will become expired. |
Lock user account after ___ failed login attempts |
Select this check box to lock a user’s account after a specified number of failed login attempts. If a user’s account becomes locked, that user will be unable to log in until they reset their password, or an administrator unlocks the account or resets the password. Default value = 5. A user with the Administer Password Policy permission can unlock an account from the Users page (see Manage Users). NOTE If a user’s account is locked, login will be disabled through both Workforce Optimization and single sign-on. However, an account only becomes locked following failed Workforce Optimization login attempts. Failed single sign-on login attempts are handled by the IdP. NOTE This option is enabled by default for new customers starting with Version 10.0 Update 2017.9. Customers who configured their password policy before the release of Version 10.0 Update 2017.9 will maintain those settings. |
Some additional password complexity requirements are not configurable. These requirements are described below.
Passwords must conform to the following rules.
- Must be a minimum of 8 characters.
-
Must contain at least one of each of the following.
Uppercase letters
Lowercase letters
Numbers 0-9
Special characters! # $ % & ( ) , . / : ; = ? @ ^ ` |
- Cannot contain your name or email address.
NOTE Passwords do not expire.