Password Policy
Password Policies relate to the reuse of previous passwords and password expirations.
- It is configured at the Organisation level.
- Applies to all Users including the Super User.
- A User cannot set up a password for another User.
- A User can never view another User’s password.
- Users set their passwords.
- A password can be changed by the User of that password at any time.
- Forgotten passwords cannot be retrieved and must be reset.
Password Format
- Between 8 – 12 twelve characters in length.
- At least 1 uppercase character.
- At least 1 lowercase character.
- At least 1 numerical value.
- At least 1 special character.
An example of a valid password: 58MayBe$&
An example of an invalid password: maybe#
Reuse
When this policy is activated, a User cannot reset the password to his previously used password.
Password Expiry
The expiry policy can be switched on or off.
- Passwords can expire after 3, 6, or 12 months.
- The password must be changed before the expiry date.
- If the password expires it must be reset.
- Every time a new password period is set, the duration of the password validity period starts at the time of reset.
Comments
0 comments
Please sign in to leave a comment.