search

Password policies

This document provides an overview of password requirements, reuse limits, and expiration rules for user accounts.

Password policies define password requirements for user accounts.

hashtag
Password complexity

  • at least 8 characters

  • no easy patterns or repeats (for example, 111111, aaaaaa, 12345, qwerty)

  • no personal data or common words (for example, names, birth dates, computer, LAN, USER)

  • at least one character from each group:

    • uppercase English letter (A–Z)

    • lowercase English letter (a–z)

    • number (0–9)

hashtag
Password history and expiration

  • you can’t reuse a password for 12 months (default, configurable)

  • you can’t reuse the last 5 passwords (default, configurable)

  • if you don’t change your password for 90 days (default), you must change it before signing in

circle-info

Admins can make the policy stricter. See How to change password or session policy?.

To update your password, see Password update.

PreviousSign InNextApplication tokens

Last updated