Password complexity overview
Password Complexity enforces the use and configuration of a complex password, and offers more stringent password policies. This feature complies with the UCR-2008 standard for system passwords. Password Complexity performs checks while configuring the password and provides user alerts based on the configuration of the password expiration. By default, Password Complexity is disabled.
The Password Complexity feature offers the following:
-
Enable or disable password configuration and complexity features.
-
Configure minimum password length.
-
Configure password history specifications. Password modification requires re-authentication of user identity where the old password is required to change the password.
-
Configure global as well as per user specific password aging interval.
-
Notification for password expiration (alert before expiry, at expiry, and grace period).
-
Configure additional number of subsequent logon attempts after password expiry. By default, three attempts within a configurable grace period (default 30 days).
-
Minimum wait period before password change (default 24 hours).
-
When the user establishes a session for the first time, they are prompted to change the password and the session is denied if the user does not comply.
-
Enabling or disabling the display of the last successful or unsuccessful log-on information