Question:
How does the "Strong Password Rules" work?
Answer:
- Strong Password rules is a new feature we're excited about as it puts further control over the security of your Brightidea system
- To enable this feature, please contact your Brightidea representative.
- Once enabled in your Brightidea system, you can find this beta feature in WebStorm or Enterprise Setup --> Site --> Security
- The administrator has the option of the following:
- Please note that all passwords, regardless of any rules, must be at least 6 characters and 1 number
- Customizable maximum validity days
- Complexity: must contain at least 3 of each (mixed case, number, and extended character)
- Account lockout upon entry of 10 invalid login attempts must be in place & remain locked for sixty minutes before the account is enabled again
- Not allow passwords containing single words found in a dictionary as well as the users name, User ID, or email address
- If you select a number of requirements - please make sure that exact number of choices is selected.
- The feature is designed to only pull the number of requirements set and chosen.
- Existing user accounts in a WebStorm will need to adhere to any new strong password rules placed - they are not exempt.
Can you please confirm that this Strong Password rule is still valid? I've tried to configure a 4 digits minimum but doesn't work.
Hello - yes this is still valid...Please note that all passwords, regardless of any rules, must be at least 6 characters - apologies for the confusion.
Best,
Anthony
Good morning. I don't know why I couldn't see these detailed rules options on my admin page, and I'm wondering where I can find an entire instruction of the password rule, such as which characters can not be used in passwords.
Thank you
Roc
Hi Roc,
This is a beta feature—let us know if you'd like it enabled on your site.
Note that users whose passwords do not meet any new requirements will need to do a password reset. See above for additional information.
Best,
Daniel He
Brightidea Support