Password policy options
- Automatic expiry (the number of days for which a user’s password will remain valid before it expires, forcing the use to reset their password when they next attempt to log on). An administrator can also reset passwords.
- Minimum length of a password.
- Failed login attempts. If this is left blank or set to 0, there will be no limit of the number of times a user can attempt to login. See how to unlock a user's account. Note. LDAP accounts are not subject to lockout.
- Minimum number of upper case letters
- Minimum number of numeric characters.
- Minimum number of special characters.
- Whether users are prevented from changing their own password.
- Whether 'Remember me' is disabled on the sign-in screen.
More about user passwords
Other tools and settings are available to help administrators manage user passwords. These are covered on the Manage user passwords page.