How to specify user password complexity requirements

You can specify the complexity requirements users must meet when creating their user passwords. If you do not make any changes, the default requirements are enforced.

To specify the user password requirements:

  1. Log in to Admin Portal.
  2. Click Access > Policies.
  3. Select the relevant policy set or create a new one.
  4. Click User Security Policies > Password Settings.
  5. Specify the following user password requirements. Explanations for each option are available in the associated UI help.

    • Minimum password length (default 8)
    • Maximum password age (default 365 days)

      Users must have the “Enable users to change their passwords” policy (on the same UI page) set to Yes to reset their password (policy is set to Yes by default).

      If you have multifactor authentication enabled, users are prompted to create new passwords after they have fulfilled the multifactor authentication method.

      Enter 0 (zero) if you do not want to specify a password expiration period.

    • Password history (default 3)

      Enter 0 (zero) to let user use the same password.

    • Require at least one digit (default Yes)
    • Require at least one upper case and one lower case letter (default Yes)
    • Require at least one symbol (default No)
    • Show password complexity requirements when entering a new password (default No)

      The password complexity explanation/text string shown to Centrify Directory users is automatically discovered. For Active Directory, LDAP, and Google directory users, you must manually enter the explanation/text string in the associated text box.

  6. Click Save.