Pricing  Get Quote

Password Policies

CJIS Active Directory password policy requirements

Criminal Justice Information Services (CJIS) enables law enforcement professionals to access and share critical criminal justice information (CJI) including biometrics, identity history information, and case history. Any organization with access to CJI in any of it's forms must ensure that they comply with mandated CJIS regulations.

Protect CJI

To be CJIS complaint, organizations must enforce the password policy requirements mentioned in section 5 to authenticate Active Directory (AD) user accounts.

CJIS, section

This section specifies requirements for all domain user passwords used to login to the system through which CJI could be accessed.

Passwords should:

  1. Be a minimum of eight characters.
  2. Not be a dictionary word.
  3. Not be the same as the username.
  4. Expire within a maximum of ninety days.
  5. Not be identical to the previous ten passwords.
  6. Not to be transmitted outside the secure location.
  7. Not be displayed when entered.

Simplify CJIS compliance with ADSelfService Plus

ADSelfService Plus offers advanced password policy settings that makes sure that your company complies with the requirement of CJIS. You can create a custom password policy that meets all the CJIS requirements and enforce it to all or specific AD users based on their domain, OU, or group membership.


  1. Ban dictionary words and patterns: Blacklist leaked or weak AD passwords, patterns, and palindromes.
  2. Restrict characters from username: Restrict specific or repeated characters from the username.
  3. Enforce password history: Ensure password strength by enforcing password history during native password resets in the ADUC console.
  4. Set a custom password length: Enforce longer passwords for Windows domain users by specifying the minimum password length.


Password Policy Enforcer also enables admins to:

  1. Enforce OU and group-based policies: Granularly enforce multiple password policies in the same AD domain based on OU and group memberships.
  2. Create custom templates: Utilize 17 advanced password policy settings available to create multiple password policies that comply with PCI, HIPAA, CJIS, and NIST.

Protect FBI's sensitive data from cyber attacks by complying with CJIS password requirements.

  • Please enter a business email id
    By clicking 'Get Your Free Trial', you agree to processing of personal data according to the Privacy Policy.


Your download is in progress and it will be completed in just a few seconds!
If you face any issues, download manually here

ADSelfService Plus trusted by

A single pane of glass for complete self service password management