Password policies
Definition
For each password domain, Soffid allows you to create different password policies depending on the user type.
There are two kind of password policies.
- The first ones is for user selected passwords. This is the default behavior.
- The second one are system generated passwords. These policies are useful for shared accounts when using Enterprise Single Sign-on.
A password policy will also define how often the password needs to be changed and how many days are allowed to change it.
Regarding password complexity, you can specify the minimum and the maximum number of lowercase letters, uppercase letters, numbers, and symbols, as well as password length.
The administrator users can define a regular expression that must match each password. This can be used, for example, to ensure that the first password is not numeric.
More and more, administrators can create a list o forbidden words that cannot be used as passwords.
Password domain
Is a logical way of grouping managed systems that are sharing the same password for each user. If administrator chooses to have the same password for every system, only one password domain should exist. If administrator chooses to assign different password for each system, then a password domain should be created for each managed system.
Screen overview
&&TODO&&
Related objects
Standard attributes
Domain
- Code:
- Description:
Password policies
- Password domain:
- User type:
- Description:
- Password type:
- Change allowed:
- Query allowed:
- Valid period (days):
- Grace period (days):
- Length (min & max):
- Regular expression:
- Uppercase letters (min & max):
- Lowercase letters (min & max):
- Numbers:
- Symbols:
- Complexity:
- Passwords remembered:
- Forbidden words: