Address Manager administrators can enable and configure a password policy and a login policy to enforce specific rules when users are setting their passwords and
logging into Address Manager
What's a password policy?
A password policy is a collection of rules that ensures complexity of user
credentials in order to prevent force attacks by increasing the number of possible
passwords.
Once enabled, the new password policy will be enforced when creating
Address Manager users and when resetting and changing user passwords. Existing user
passwords set prior to the new password policy will still be in effect until a user changes or
resets the password.
Note: Only one password policy can be configured in
Address Manager and the configured password policy will apply across all configurations in
Address Manager.
The configured password policy will apply to local users (Admin and
Non-admin users) only (with either GUI or API access types); it won't apply to any users
created by external authenticators.
What's a login policy?
A login policy is a collection of rules that when configured, protects against brute force
password attacks. The login policy will apply to all
Address Manager users.
Note: Only
one login policy can be configured in Address Manager and the configured policy will
apply across all configurations in Address Manager.