Predefined Password Policies
You can customize predefined password policies to meet your own requirements, if necessary.
Password for logging into
The password policy " password policy" is used for logging into . This password policy defined the settings for the system user passwords (DialogUser.Password and Person.DialogUserPassword) as well as the access code for a one off log in on the Web Portal (Person.Passcode).
The password policy " password policy" is also labeled as the default and is used when no other password policy is found.
Password policy for forming employees' central passwords
An employee's central password is formed from the target system specific user accounts by respective configuration. The password policy "Employee central password policy" defines the settings for the central password (Person.CentralPassword).
|
|
IMPORTANT: Ensure that the password policy "Employee central password policy" does not violate the target system specific password requirements. |
Password policies for target systems
A predefined password that you can apply to the user account password columns, is provided for every target system.
|
|
NOTE: When you update version 7.x to version 8.0, the configuration parameter settings for forming passwords are passed on to the target system specific password policies. |
|
|
IMPORTANT: If you are not working with target system specific password policies, the default policy applies. In this case, ensure that the password policy " password policy" does not violate the target system requirements. |
The password policy "Azure Active Directory password policy" is predefined for Azure Active Directory. You can apply this password policy to Azure Active Directory user accounts (AADUser.Password) of an Azure Active Directory tenant.
If the tenants' password requirements differ, it is recommended that you set up your own password policies for each tenant.
Editing Password Policies
To edit a password policy
-
Select the category Manager | Basic configuration data | Password policies in the Azure Active Directory.
-
Select the password policy in the result list and select Change master data in the task view.
- OR -
Click
in the result list toolbar.
- Edit the password policy's master data.
- Save the changes.
Detailed information about this topic
- General Master Data for a Password Policy
- Policy Settings
- Character Sets for Passwords
- Custom Scripts for Password Requirements
General Master Data for a Password Policy
Enter the following master data for a password policy.
|
Property |
Meaning | ||
|---|---|---|---|
|
Display name |
Password policy name. Translate the given text using the | ||
|
Description |
Spare text box for additional explanation. Translate the given text using the | ||
|
Error Message |
Custom error message outputted if the policy is not fulfilled. Translate the given text using the | ||
|
Owner (Application Role) |
Application roles whose members can configure the password policies. | ||
|
Default policy |
Mark as default policy for passwords.
|
button.Policy Settings
Define the following settings for a password policy on the Password tab.
|
Property |
Meaning |
|---|---|
|
Initial password |
Initial password for new user accounts. If no password is given when the user account is added or a random password is generated, the initial password is used. |
|
Password confirmation |
Reconfirm password. |
|
Min. Length |
Minimum length of the password. Specify the number of characters a password must have. |
|
Max. length |
Maximum length of the password. Specify the number of characters a password can have. |
|
Max. errors |
Maximum number of errors. Set the number of invalid passwords. If the user has reached this number the user account is blocked. |
|
Validity period |
Maximum age of the password. Enter the length of time a password can be used before it expires. |
|
Password history |
Enter the number of passwords to be saved. If the value '5' is entered, for example, the last 5 passwords of the user are saved. |
|
Min. password strength |
Specifies how secure the password must be. The higher the password strength, the more secure it is. The password strength is not tested if the value is '0'. The values '1', '2', '3' and '4' gauge the required complexity of the password. The value '1' demands the least complex password. The value '4' demands the highest complexity. |
|
Name properties denied |
Specifies whether name properties are permitted in the password. |