✖

Related Products
ADManager Plus

Active Directory Management & Reporting
Download | Demo
ADAudit Plus

Real-time Active Directory Auditing and UBA
Download | Demo
ADSelfService Plus

Self-Service Password Management
Download | Demo
EventLog Analyzer

Real-time Log Analysis & Reporting
Download | Demo
Exchange Reporter Plus

Exchange Server Auditing & Reporting
Download | Demo
AD360

Integrated Identity & Access Management
Download | Demo
Log360

Comprehensive SIEM and UEBA
Download | Demo

Password Policy Enforcer

The password policy settings enhance security by defining rules for creating strong passwords. You can establish standards to prevent users from using common passwords and ensure the passwords they create adhere to the security and compliance requirements of your organization. From a security standpoint, this approach offers several advantages:

Enhanced protection: Implementing password policies strengthens the overall security of your systems and data. It ensures that passwords are not easily guessable, adding an additional layer of security against unauthorized access.
Complexity: Password policies often mandate complexity, requiring the use of a combination of uppercase and lowercase letters, numbers, and special characters. This complexity makes it harder for attackers to crack passwords through brute force or dictionary attacks.
Preventing common passwords: Policies can include checks to ensure that commonly used and easily guessable passwords, such as, "password" or "123456" are not allowed. This helps safeguard against predictable choices.
Compliance: Many regulatory requirements and security standards mandate the implementation of strong password policies. Adhering to these policies ensures compliance.

How the password policy will be applied

For users registered in Identity360's Universal Directory, the password policy configured in Identity360 will be enforced.
For users sourced from other directories, the password policy configured in that directory will be applied.
Identity360 enables administrators to enforce robust password policies, ensuring that even if Azure AD has weaker password requirements, when an admin resets a user's password, it will align with Identity360's strong password policy, validating that the organization's security standards remain consistent.

To configure the password policy

Navigate to the Settings tab > Management Settings > Password Policy Enforcer.
In this section you can manage:

Characters: Limit the use of special characters, numbers, uppercase and lowercase letters, and unicode characters in passwords. You can also specify the initial character requirement and prohibit the use of numerals as the last character.

Repetition: Restrict the use of consecutive characters from the username or the repetitive use of characters.

Length: Specify the minimum and maximum password length.

Patterns: You can choose to restrict certain patterns such as keyboard sequences, and disallow the use of palindromes.

You also have the option to allow users to bypass password complexity requirements when the password length exceeds a predefined limit, for example, 20 characters.
You can require passwords to meet a minimum number of complexity rules from the options provided above and opt to enforce specific rules as mandatory.

Previous Topic Next Topic