Address Manager administrators can enable and configure a password policy and a
login policy to enforce specific rules when users are setting their passwords and logging
into Address Manager
What's a password policy?
A password policy is a collection of rules that ensures complexity of
user credentials in order to prevent force attacks by increasing the number of possible
passwords.
Once enabled, the new password policy will be enforced when creating
Address Manager users and when resetting and changing user passwords. Existing user
passwords set prior to the new password policy will still be in effect until a user changes
or resets the password.
Note: Only one password policy can be configured in
Address Manager and the configured password policy will apply across all
configurations in
Address Manager.
The configured password policy will apply to
local users (Admin and Non-admin users) only (with either GUI or API access types); it
won't apply to any users created by external authenticators.
What's a login policy?
A login policy is a collection of rules that when configured, protects against brute force
password attacks. The login policy will apply to all
Address Manager
users.
Note: Only one login policy can be configured in Address Manager and the
configured policy will apply across all configurations in Address Manager.