As an administrator, you can ensure a higher level of protection against unauthorized access by setting specific restrictions on internal directory user passwords.
The password policy only applies to users native to your internal directory. It has no effect on users synchronized from LDAP directories or single sign-on identity providers. Similarly, it doesn't apply to passwords that were already set before configuring the password policy.
To configure a password policy for an internal directory:
Go to Administration
> User management.From the sidebar, select User directories.
From the Operations column, select Password policy. Here, you can choose one of the three available options:
No password requirements - the equivalent of having no password policy. This is the default.
Recommended - requires passwords to be at least 8 characters long. This recommendation is made based on the NIST Special Publication 800-63C Appendix A.
Custom - lets you use your own settings.
Custom password policy settings
If you decide on the Custom option for your password policy, make sure to check out the list of available settings below. All these settings are optional and, if left blank, won’t have any effect on the passwords allowed by the policy.
Password length | |
|---|---|
Minimum number of characters | Minimum number of characters that a password must contain. |
Character type requirements | |
小文字 | Minimum number of lowercase letters that a password must contain. |
大文字 | Minimum number of uppercase letters that a password must contain. |
数字 | Minimum number of digits that a password must contain. |
特殊文字 | Minimum number of special characters that a password must contain. |
Mandatory requirements | The amount of requirements from the Character type requirements section a password must meet. For example, if you select at least 1 mandatory requirement and use the following settings:
All of the following passwords would be valid:
|
概要
コンテンツ ツール
アプリ