Enable password reset policy checks [Updated in Security Center 2.0]
Use the glide.enable.password_policy property to enable password policy checks whenever a user changes their password using the user interface.
To define which password policy to use once this property is enabled, see Enable password policies on your instance. Ensure the Glide Property glide.enable.password_policy exists and is set to the value true. If the property does not appear in the sys_properties table, add a new record.
주:
The glide.enable.password_policy does not apply when an
administrator changes a password or adds a user through script.
경고:
This is a safe harbor property, meaning the value can't be altered once it's changed. It is non-revertible.
More information
| Attribute | Description |
|---|---|
| Property name | glide.enable.password_policy |
| Configuration type | System Properties (/sys_properties_list.do) |
| Category | Authentication |
| Purpose | To apply password policy at time of password change. |
| Recommended value | true (for higher strength passwords) |
| Security risk rating | 7.4 |
| Functional impact | Setting the property to true turns on password policy checks when a user resets their password. |
| Security risk | (Moderate) Without a password policy, a user can create a weak password which increases the likelihood of an adversary gaining access to the instance. |
Steps to configure
If you configure this setting in the Hardening Compliance Configuration page in the
Instance Security Center:
- Under Medium, Select Session Management.
- In the Enable Password Reset Policy Check setting, select Medium for medium strength passwords, or Strong for more robust, higher strength passwords. Selecting one of these options sets the glide.enable.password_policy property to true and starts a workflow that automatically updates your password policy.
Additionally, you can set the glide.apply.password_policy.on_login system property to enable password policy checks at the time of log in.