Password policy settings
This document provides an overview of password requirements, reuse limits, and expiration rules for user accounts.
Last updated
This document provides an overview of password requirements, reuse limits, and expiration rules for user accounts.
at least 8 characters
no easy patterns or repeats (for example, 111111, aaaaaa, 12345, qwerty)
no personal data or common words (for example, names, birth dates, computer, LAN, USER)
at least one character from each group:
uppercase English letter (A–Z)
lowercase English letter (a–z)
number (0–9)
you can’t reuse a password for 12 months (default, configurable)
you can’t reuse the last 5 passwords (default, configurable)
if you don’t change your password for 90 days (default), you must change it before signing in
Admins can make the policy stricter. See How to change password or session policy?.
To learn, how to update your password, see Password update.
Last updated