Modifying the default password policy

A user who is assigned the system-administrator role can modify the default password policy from the System Administration > RBAC > Password Policy page in the UI.

  1. Click Create.
  2. Modify any of the following fields:
    • Minimum Length: the minimum length of a password
    • Minimum Lowercase Characters: the minimum number of lowercase characters
    • Minimum Special Characters: the minimum number of symbols or special characters
    • Password History: the number of passwords to keep and validate against
    • Minimum Uppercase Characters: the minimum number of uppercase characters
    • Minimum numbers: the minimum number of numerical characters
    • Allow Username: specifies whether the username can be used as a password
    • Password Expiry: the duration, in days, for a password to remain valid
    • Hashing Algorithm: select from ARGON2, PBKDF2-SHA512, PBKDF2-SHA256, or PBKDF2 (the default)
  3. Modify the lockout policy settings.
    • Maximum Login Failures: the maximum number of consecutive failed login attempts before account lockout
    • Failure Wait Duration: the duration, in seconds, to wait after reaching the maximum login failures before a retry is allowed
    • Permanent Lockout: locks the account permanently after the maximum number of failed logins
    • Reset time (Required): the duration, in seconds, after which failed login attempts are reset
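
The four lockout settings in step 3 interact, so the following sketch models one plausible reading of their descriptions and replays constructed login timelines against it. It is an added example, not code from the product: the class, function and field names are hypothetical, and the counter restarting after a temporary lockout is an assumption.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class LockoutPolicy:              # hypothetical names mirroring the UI labels
    max_login_failures: int       # Maximum Login Failures
    failure_wait_seconds: int     # Failure Wait Duration
    permanent_lockout: bool       # Permanent Lockout
    reset_seconds: int            # Reset time

@dataclass
class AccountState:
    failures: int = 0
    last_failure: Optional[float] = None
    locked_until: float = 0.0
    permanently_locked: bool = False

def attempt_login(policy, state, now, password_ok):
    """Return 'ok', 'failed', 'locked' or 'permanently_locked' for one attempt."""
    if state.permanently_locked:
        return "permanently_locked"
    if now < state.locked_until:
        return "locked"           # refused during the wait, even with the right password
    # Reset time: failures older than reset_seconds stop counting.
    if state.last_failure is not None and now - state.last_failure >= policy.reset_seconds:
        state.failures = 0
    if password_ok:
        state.failures, state.last_failure = 0, None
        return "ok"
    state.failures += 1
    state.last_failure = now
    if state.failures < policy.max_login_failures:
        return "failed"
    if policy.permanent_lockout:
        state.permanently_locked = True
        return "permanently_locked"
    # Assumption: the counter restarts once the temporary wait begins.
    state.failures = 0
    state.locked_until = now + policy.failure_wait_seconds
    return "locked"

def replay(policy, events):
    """Run constructed (time_in_seconds, password_ok) events against a fresh account."""
    state = AccountState()
    return [attempt_login(policy, state, t, ok) for t, ok in events]

# Constructed timelines, not real log data.
BURST = [(0, False), (10, False), (20, False), (30, True), (90, True)]
SPACED = [(0, False), (400, False), (800, False), (1200, True)]

if __name__ == "__main__":
    for permanent in (False, True):
        pol = LockoutPolicy(3, 60, permanent, 300)
        print(permanent, replay(pol, BURST), replay(pol, SPACED))
```

Replaying a timeline like this before changing the settings shows which failure patterns a given Reset time will and will not count toward Maximum Login Failures.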