Enforcing Password Policies
- 01 Sep 2022
- 1 Minute To Read
-
Print
-
DarkLight
-
PDF
Enforcing Password Policies
- Updated On 01 Sep 2022
- 1 Minute To Read
-
Print
-
DarkLight
-
PDF
Whatfix follows industry best practices to assure customer account safety & compliance. The default password policy enforces a minimum of 8 characters. However, we also support those businesses who wish to implement a password policy that is more aligned to their organization's security standards. In this section, we have explained the different password policies you can configure.
Note
To activate your password policies for your Whatfix account, contact [email protected].
Policy enforcement:
Policies are enforced through all login touch points (Dashboard, website, and Editor)
Password Length:
Min/Max - 1/100 characters
Password Composition:
Alphanumeric indicators:
- Upper Case
- Lower Case
- Number
- Any Special Character
Password Expiry:
- No notifications are sent to the user prior to the expiry of the password.
- Once the password expires, a password expiry message along with information about a password reset link will be sent by email.
- You can set the password to expire in 90 days, at a minimum, and in 365 days, at a maximium. End users will be prompted to reset the password after the set number of day.
Password Retention:
- You can set the system to remember, anywhere between, 3 to 10 previous passwords.
- The end user will not be allowed to reuse the last set number of passwords. This prevents users from alternating between several common passwords.
Login Failure:
- Once you cross the login failure threshold, the account is LOCKED.
- Once locked, you receive an email with instructions to unlock your account. For more information, see How can I unlock my Whatfix account?
Was this article helpful?