How to find which password policy is used for the instances?

Aishwarya Selv1
Tera Contributor

‎07-20-2022 07:28 AM

There are 2 password policies in my instance (Default and Medium), I wanted to know which one is active and currently used in my instance?

In San-Diego version, active password policy is highlighted in green but Rome version didn't have any highlighted one so how will I find which password policy is used currently in my instance?

Labels:
0 Helpfuls
  • 3,504 Views
8 REPLIES 8

Community Alums
Not applicable

‎07-20-2022 07:33 AM

Hi @Aishwarya Selvam ,

The Password Policy plugin (com.glide.password_policy) is enabled by default. The policy goes into effect when a user changes or resets the password.

The Password Strength Preset field is automatically set to Default Strong. If you want to add new criteria, you can perform the following procedure.

If you customized your instance through the ValidatePasswordStronger installation exit or your Password Reset credential store pwd_cred_store property, then see password policy properties to know how to implement a password policy for your instance.

Note: The active password policy is highlighted for the Instance as shown.
Password Highlighted when set as active

To change the password policy navigate to All > Password Reset > Credentials Stores, select the credentials and change the Password policy field to the required policy input.

Procedure

  1. Navigate to All > Password Policy > Password Policies.
  2. Click New.
    The Password Policy form appears.
  3. Specify the Name for your password policy.
  4. In the Password Policy Criteria section, select one of the following presets from the Password Strength Preset field.
    Password Strength Preset Description
    Default Auto-populates the fields for required password characters as follows:
    • Sets Minimum Uppercase Character(s) to 1.
    • Sets Minimum Lowercase Character(s) to 1.
    • Sets Minimum Numeric Character(s) to 1.
    • Sets Minimum Special Character(s) to 0.

    The minimum password length is 8 characters, and the maximum is 100.
    Medium Auto-populates the fields for required password characters as follows:
    • Sets Minimum Uppercase Character(s) to 1.
    • Sets Minimum Lowercase Character(s) to 1.
    • Sets Minimum Numeric Character(s) to 1.
    • Sets Minimum Special Character(s) to 1.

    The minimum password length is 12 characters, and the maximum is 40.
    High Auto-populates the fields for required password characters as follows:
    • Sets Minimum Uppercase Character(s) to 1.
    • Sets Minimum Lowercase Character(s) to 2.
    • Sets Minimum Numeric Character(s) to 1.
    • Sets Minimum Special Character(s) to 3.

    The minimum password length is 8 characters, and the maximum is 100.
    Default Strong Auto-populates the fields for required password characters as follows:
    • Sets Minimum Uppercase Character(s) to 1.
    • Sets Minimum Lowercase Character(s) to 1.
    • Sets Minimum Numeric Character(s) to 1.
    • Sets Minimum Special Character(s) to 1.

    The minimum password length is 8 characters, and the maximum is 100.
    Custom Auto-populates the fields for required password characters as follows:
    • Sets Minimum Uppercase Character(s) to 1.
    • Sets Minimum Lowercase Character(s) to 1.
    • Sets Minimum Numeric Character(s) to 1.
    • Sets Minimum Special Character(s) to 1.

    The minimum password length is 8 characters, and the maximum is 100.

    You can also customize the Password Policy Script that is displayed.
    Advanced Selecting Advanced displays Password Rule Script and Password Strength Script. Based on your requirement you can customize these scripts.
    Note: Password policy is applied based on the selected preset.
  5. On the form, fill in the remaining fields.
    Password Policy form
    Field Description
    Minimum Password Length Minimum length of the password. This option is displayed for all the presets except for Advanced. Set this field to a minimum of 8–10 characters.
    Maximum Password Length Maximum length of the password. This option is displayed for all the presets except Advanced. Set this field to a maximum of 100 characters.
    Minimum Uppercase Character(s) Minimum number of uppercase characters in the password, from 0 to 10.
    Minimum Lowercase Character(s) Minimum lowercase characters in the password, from 0 to 10.
    Minimum Numeric Character(s) Minimum numeric of characters in the password, from 0 to 10.
    Minimum Special Character(s) Minimum number of special characters in the password, from 0 to 10.
    Included Special Characters Allow a restricted set of special characters without any delimiter.

    For example, if you enter $,!, then users can only use "$" and "!" as special characters in the password. No other special characters can be used. A password with other special characters is not allowed.
    Excluded Special Characters Allow a restricted set of special characters without any delimiter.
    For example, if you enter @$!, then users cannot use '@', '$' and '!' as special characters in their passwords.
    Note: This option is available if the glide.password_policy.use_excluded_special_char property is enabled.
    Disallow User Data Option to disallow user data that is authentication-related.
    Sequence Length Threshold The sequence length of your password.
    Repetition Length Threshold The repetition length of your password.
    Note:
    • Both the sequence length threshold and repetition length threshold can have a maximum of eight characters. These fields enable you to restrict weak combinations of passwords that have predictable and repeating sequences such as "123456", "qwerty", "!@#$%^", "aaaaa", and so on.
    • If Password Strength Preset is set to Default Strong, then the length for both sequence length threshold and repetition length threshold is set to four characters.
    Test Your Password Specify your actual password in this field.
  6. Click Test Your Password.
  7. After the password is tested as valid, click Submit to submit the password.
    Note: Always test your password before submitting.
0 Helpfuls

Community Alums
Not applicable
In response to Community Alums

‎09-09-2022 10:05 PM

Hi @Aishwarya Selvam ,

Any update to this ?Any follow-up required? if not

Kindly mark the answer as Correct & Helpful both such that others can get help.

Thanks,
Sandeep

0 Helpfuls

Yong Zeng Lee
Tera Contributor
In response to Community Alums

‎12-07-2023 07:03 PM

Hi @Community Alums ,

Im not able to locate the  All > Password Reset > Credentials Stores modules in my instance. May i know which plugins do i need to activate to see this module?

0 Helpfuls

rwhite
Tera Contributor

‎09-08-2022 01:49 PM

Thank you!  I am in San Diego and can see that the Default option is Active.  How do I turn on the Medium option for the Password Policies?

 

Thanks

Rachel