Password Policy Configuration

Default Password Policy

The default password policy is the following:

  • The minimum length for passwords is 10 characters (the maximum length is 64 characters)
  • Passwords are checked against known bad passwords, banned lists, and so on
  • Passwords never expire
  • Passwords are only changed when forgotten

When a new reseller is created, a parent entity's password policy is applied for both own users and child accounts (the corresponding check boxes are selected).

If a reseller deselects the checkbox, the default policy is applied to the group of users (which might be changed in the future).

Note: The password policy also includes a two-factor authentication.

Default Password Brute Force Attack Protection

By default, the password protection from brute force attack settings are:

  • Enable brute-force attack protection: Enabled
  • Period for failed login tracking (minutes): 10
  • User lockout threshold (minutes): 10
  • User lockout period (minutes): 60

Note: IDP password policies will not be applied, if Password Quality level for Child Accounts is set to None in System > Settings > Setup > Password Quality in the Classic Control Panel.

© 2024 Ingram Micro, Inc. All Rights Reserved. Privacy Policy, Terms of Use and Legal

CloudBlue, an Ingram Micro business, uses cookies to improve the usability of our site. By continuing to use this site and/or logging in you are accepting the use of these cookies. For more information, visit our Privacy Policy.
I accept