Password policies
User Password Requirements
•User can change password - If disabled, a password change is possible only when initiated by the administrator from the remote management console.
Password Characters
Policy setting |
Supported on OS |
Description |
|---|---|---|
Must use lowercase letters |
|
Password must contain at least one lowercase character (a-z). |
Must use uppercase letters |
|
Password must contain at least one uppercase character (A-Z). |
Must use numbers |
|
Password must contain at least one numeric character (0-9). |
Must use symbols |
|
Password must contain at least one special character (!@#$%). |
Minimum password length |
|
Defines the minimum required length of the password (1-127 characters). |
Password Retries
Policy setting |
Supported on OS |
Description |
|---|---|---|
Limit incorrect password attempts |
|
When disabled, incorrect password attempts are unlimited. It is not recommended to disable this setting for a long period due to security risk. |
Maximum incorrect password attempts |
|
The maximum value is 254. Maximum consecutive incorrect password attempts before the account is locked and a recovery password is required to set up a new password. |
Password Expiry
Policy setting |
Supported on OS |
Description |
|---|---|---|
Password expires |
|
When disabled, the user password does not have an expiration period. |
Maximum password age (days) |
|
A value between 1 and 999 days. The recommended range is between 30 and 90. |
Warn user when password is due to expire |
|
When disabled, the user is not warned by the product that their password is about to expire. |
Warn when period less than (days) |
|
A value between 1 and 999 days. Specify how many days before the password expiration is user warned. |
Recovery Password Options
Password Retries
Policy setting |
Supported on OS |
Description |
|---|---|---|
Limit incorrect password attempts |
|
When disabled, there is no limit on incorrect recovery password attempts. It is not recommended to disable this setting for a long period of time due to security risk. |
Maximum incorrect password attempts |
|
The maximum value is 254. Maximum consecutive incorrect password attempts before the account is locked and a recovery password is required to set up a new password. |
Recovery Password Uses
|
•All settings in this section are not enabled by default. Ensure you enable them manually. •All settings in this section are applied and take effect after the computer is decrypted and then encrypted again. |
Policy setting |
Supported on OS |
Description |
|---|---|---|
Limit use of Recovery Password |
|
When disabled, the same recovery password can be used repeatedly, until a new one is generated. |
Maximum uses |
|
The maximum value is 254. |
Warn user when recovery password limit is near |
|
When enabled, the user will be warned when the recovery password is near its expiration. |
Warn with uses remaining |
|
The maximum value is 255. |
Automatically generate new recovery password |
|
When enabled, a new recovery password will be generated automatically after the set remaining password uses are reached. |
Generate when (uses remains) |
|
The maximum value is 255. |