Enforce Password Policies
  • 13 Apr 2023
  • 1 Minute To Read
  • Dark
  • PDF

Enforce Password Policies

  • Dark
  • PDF

Article Summary

Whatfix follows industry best practices to assure customer account safety & compliance. The default password policy enforces a minimum of 8 characters. However, we also support those businesses who wish to implement a password policy that is more aligned to their organization's security standards. In this section, we have explained the different password policies you can configure:


To activate your password policies for your Whatfix account, contact

  • Policies are enforced through all login touch points (dashboard, website, and Studio)

  • Password Length:

    • Min/Max - 1/100 characters
  • Password Composition:

    • Alphanumeric indicators:
      • Upper Case
      • Lower Case
      • Number
      • Any Special Character
  • Password Expiry:

    • No notifications are sent to the user prior to the expiry of the password.
    • Once the password expires, a password expiry message along with information about a password reset link will be sent by email.
    • Min/Max - 90/365 days
  • Password Retention:

    • Min/Max - 3/10 days
  • Login Failure:

    1. Once you cross the login failure threshold, the account is LOCKED.
    2. Once locked, you receive an email with instructions to unlock your account. For more information, see How can I unlock my account when locked?

Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.