Address Manager administrators can enable and configure a password policy and a login policy to enforce specific rules when users are setting their passwords and
logging into Address Manager
What's a password policy?
A password policy is a collection of rules that ensures complexity of user
credentials in order to prevent force attacks by increasing the number of possible
Once enabled, the new password policy will be enforced when creating Address Manager
users and when resetting and changing user passwords. Existing user
passwords set prior to the new password policy will still be in effect until a user changes or
resets the password.
Only one password policy can be configured in Address Manager
and the configured password policy will apply across all configurations in Address Manager
The configured password policy will apply to local users (Admin and
Non-admin users) only (with either GUI or API access types); it won't apply to any users
created by external authenticators.
What's a login policy?
A login policy is a collection of rules that when configured, protects against brute force
password attacks. The login policy will apply to all Address Manager
one login policy can be configured in Address Manager and the configured policy will
apply across all configurations in Address Manager.