Password Policies

Enabling Password Policies

To use password policies go to Settings / Security page

800

Strong Password Policy

Strong passwords:

  • should be minimum eight characters
  • should consist at least three of uppercase letter, lowercase letter, numbers or symbols
  • can not contain localPart of the user's email address.
  • can not contain domain (without extension) of the user's email address.

📘

If you enable strong password policy, users who have not a strong password, have to change password to a strong password on next login.

Password Expiration Policy

You can specify expiration days. When the password is expired, the user have to change the password on next login.

Password History Policy

If you enable password history policy. Users can not reuse the last three passwords

Captcha Protection

When a user enters wrong password ten times in a minute, Captcha protection will be enabled and the user will not able to login without captcha verification.