# ​How to Configure Password Policy

{% hint style="info" %}
This tab is available only in company accounts.
{% endhint %}

1. Verify at least one domain in the account.
   * The policy applies only to users in verified domains.
2. Open the admin panel → Password policy tab.
3. Update the policy settings and save your changes.

The updated policy applies to users with emails in verified domains.

You’re able to configure password and session policy for all users with verified domains in your account. You can make it more strict than default system configuration.

<figure><img src="/files/KnU4NgWn3YlJ24fpOVwQ" alt=""><figcaption></figcaption></figure>

### Password policy settings

Password settings define what passwords are accepted for users in verified domains. To make the policy stricter, tighten the limits below.

1. **Minimum password length** (`min-length`). Increase the value to require longer passwords.
2. **Maximum password length** (`max-length`). Decrease the value to reduce the allowed maximum length.
3. **Require uppercase letters** (`uppercase`). Increase the value to require more uppercase characters.
4. **Require lowercase letters** (`lowercase`). Increase the value to require more lowercase characters.
5. **Require digits** (`digit`). Increase the value to require more numeric characters.
6. **Require special characters** (`special character`). Increase the value to require more special characters.
7. **Do not allow repetition** (**Don't allow repeat**). If the limit is set to `3`, `111` or `aaa` is not allowed. To make this stricter, reduce the allowed repeat limit.
8. **Allow spaces in the password**. Disable it to disallow spaces.
9. **Do not allow forbidden passwords**. Enable it to block weak passwords from the forbidden list.
10. **Do not allow forbidden words**. Enable it to block passwords containing forbidden words.
11. **Enable password expiration** (`expiration-days`). Decrease the value to force more frequent password changes.
12. **Send password expiration notifications** (`notify-before-days`). Set how many days before expiration the user is notified.
13. **Do not allow password reuse for a period** (`prevent-reuse-months`). Increase the value to extend the reuse restriction period.
14. **Do not allow reuse of recent passwords** (`prevent-reuse-count`). Increase the value to block a larger number of previous passwords.

{% hint style="info" %}
When you increase character requirements, keep the total within the allowed password length. For example, `uppercase + lowercase + digit + special character` must not exceed `max-length`.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://support.docstudio.com/admin-panel/account-settings/how-to-configure-password-policy.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.