Password Policy Enforcer

The Password Policy Enforcer feature of ADSelfService Plus allows you to set a custom OU based password policy for your organization and force the users to strictly adhere to it. This feature solves the issue of weak passwords, which can be detrimental to the security of your organization.

It provides a slew of options for a customizable, stringent password policy. Once configured, it even renders an interactive UI for users to ensure that their new passwords are compliant with the policy that you have set. It contains a wide range of complexity rules, compared to the default set provided in Active Directory, to further strengthen the passwords.

Steps to ConfigurePassword Policy Enforcer:

    The complexity requirements available to create your custom password policy are:

    • Password length

      Minimum number of characters in a password

      Maximum number of characters in a password

    • Password Complexity Rule

      No. of special characters to include

      Use upper, lower cases and numbers in the password

      Begin the password with a letter

      Disallow reuse of a character thrice, consecutively( For example: aaa,111)

      Disallow use of five consecutive characters from user name

    • Pattern Rule

      Prevent using a palindrome as the password

      Disallow use of certain patterns( For example: qwerty, 12345, abc)

    • Dictionary Rule

      Avoid using dictionary words

    • Unicode Rule

      Use Unicode characters

    • Incremental Password Rule

      Prevent using 5 consecutive characters similar to the previous password

    • Passphrases Rule

      Use passphrases (In this case, all other rules are exempted)

    • History Rule

      Prevent usage of (n) previously used passwords

      Note: ADSelfService Plus encrypts all passwords used by the user using SHA 512 and stores them in the ADSelfService Plus database. When the password is reset, the new password is encrypted and the hash is checked with the recent (n) old passwords. If it matches, the user will be asked to choose a different password.



Click Customize view to change the display text of the policy requirements in Reset and Change password screens. It lets you to set unique display texts for different platforms (Web portal, iOS/Android apps, GINA/CP screen). You can also set the order in which the policy requirements will be displayed to the user.

Copyright © 2019, ZOHO Corp. All Rights Reserved.