Address Manager administrators can enable and configure a password policy as
well as a login policy to enforce specific rules when users are setting their passwords and
logging into Address Manager
What is a password policy?
A password policy is a collection of rules that ensures complexity of user
credentials in order to prevent force attacks by increasing the number of possible passwords.
Only one password policy can be configured in Address Manager. The configured password
policy will be applicable to all configurations in Address Manager and local users
(Admin and Non-admin users) only (with either GUI or API access types). Any users created by
external authenticators will not be applicable.
Once enabled, the new password policy will be enforced when creating
Address Manager users and resetting and changing user passwords. Existing user passwords
set prior to the new password policy will still be in effect until a user changes or resets
the password.
Note: Only one password policy can be configured in Address Manager.
Note: The configured password policy will be applicable across all configurations
in Address Manager.
What is a login policy?
A login policy is a collection of rules that when configured, protects against brute force
password attacks. The login policy will be applicable to all
Address Manager
users.
Note: Only one login policy can be configured in Address Manager.
Note: The configured policy will be applicable across all configurations in Address Manager.