Password policies help you define the characteristics of passwords of various strengths, which can then be used to enforce strong passwords on resources. Apart from the default policies, you can create your own based on your requirements. The built-in password generator can generate passwords compliant to the defined policies.
Password Generator randomly generates password based on the rule set by the administrator - for example, minimum number of characters, alphanumeric characters, mixed case, special characters etc. Every password input field in PMP has the password generator along-side and the policy that is set as system default will be used to generate passwords, unless directed otherwise.
Password policy for PMP can be centrally managed from the "Admin" tab:
- Go to "Admin >> Customize >> Password Policies"
- By default, three policies - Low, Medium and Strong are available in PMP indicating the relative strength of the passwords. Low represents the passwords with less strict constraints, medium with a few strict conditions and strong with very strict conditions. The three default policies cannot be edited or deleted
- You can set any one of the policy as the default policy -that is, when the user tries to change the password of a resource/account, the default policy would be enforced and the user would be forced to enter a password as per the policy. To set a policy as the default policy, just click the "set as default" icon present against the policy
You can create you own password policy based on your requirements. To create a password policy,
- Click "Add Policy"
- In the form that pops-up, provide a name for your policy, enter a description, specify the minimum and maximum password lengths, specify if mixed-cases, special characters are to be enforced and how many such special characters, specify if the password has to start with an alphabet, if login name could be used as password, how many old passwords are to kept in archives and the Password Age - i.e. the time limit (in days) up to which the password is valid. After the validity period, the password would expire
- Click "Save"
- How does a Password Policy get enforced in PMP?
This question naturally arises when you are in the process of adding a resource. The following example would provide the answer: If your intention is to have accounts with strong passwords, others with admin privileges should not disturb this intention while changing the password. So, this step is crucial. If you want to enforce policy at time of resource addition itself, see "General Optional Settings" for details.
Applying Password Policies to Resources in Bulk
You can apply any password policy to many resources in bulk at one go.
- Go to "Resources" tab
- Select the resources for which you wish to apply the same password policy
- Click the link "Set Password Policy" from "More Options" listing
In the UI that opens up,
- Select the required policy from the drop-down
- Click "Save"
Once you do this, the chosen password policy would be applied to all the selected resources in bulk. In case, any of the chosen resources were associated with a password policy already, this action would simply overwrite the previous policy.