Enforce Password Policies

Whatfix follows industry best practices to ensure customer account safety and compliance. The default password policy enforces a minimum of 8 characters. However, we also support those businesses who wish to implement a password policy that is more aligned to their organization's security standards. In this section, we have explained the different password policies you can configure:

Note

To activate your password policies for your Whatfix account, contact support@whatfix.com.

your title goes here

Policies are enforced through all login touch points (dashboard, website, and Studio).

Policy	Description
Password Length	Minimum/Maximum : 1/100 characters
Password Composition	Alphanumeric indicators: Upper Case Lower Case Number Any Special Character
Password Expiry	No notifications are sent to the user prior to the expiration of the password. Once the password expires, a password expiry message along with information about a password reset link will be sent by email. Minimum/Maximum - 90/365 days
Password Retention	Define how many recent historical passwords should not be reused. If the number is set to 4, then the new password cannot be one of the last 4 passwords that were used.
Login Failure	Once you cross the login failure threshold, the account is LOCKED. Once locked, you will receive an email with instructions to unlock your account. For more information, see how to unlock my Whatfix account?