Password policies are a common way for businesses to encourage strong user passwords.
In the interest of data security, a password policy might impose specific requirements, such as:
- a minimum number of characters
- the use of upper case letters
- the use of numeric characters
Customer Self Service features 'Password Rules' as a means of implementing password policy. There are two steps in configuring the functionality:
- Create a password rule.
- Apply the password rule at Role level.
Step-by-step guide
To Create a Password Rule:
- Login as an Administrator.
- Navigate to 'Accounts' --> 'Password Rules' (/zpasswordrule.aspx).
- Click 'New'.
- Update the field values as follows:
- Password Rule Code - a unique code for the rule set.
- Password Rule Description - a general description of the rule set.
- Days Before Expiry - the number of days the password will be valid, before a Force Change is issued.
- Miniumum Characters - the minimum number of characters required.
- Uppercase Characters - the minimum number of upper case characters required.
- Lowercase Characters - the minimum number of lower case characters required.
- Numeric Characters - the minimum number of numeric characters required.
- Cycles Before Reuse - the number of new passwords the user must cycle through before being allowed to reuse a previous password.
- Click 'OK' to save.
To Assign a Password Rule at Role Level:
- Login as an Administrator.
- Navigate to 'Accounts' --> 'Role Management' (/zRoles.aspx).
- Select the required role via radio button.
- Click the 'Functions' tab.
- Click 'Modify'.
- Locate the flag labelled 'Password Rule Code'.
- Select the required password rule from the drop-down list.
- Click 'OK' to save.
There is also a flag to indicate whether Password Rules should be enforced at the point of new user registration. If the setting is toggled on, the role associated with self-registered users will dictate which password rule is applied.
(This flag is available on versions 3.69.03 and later)
To Apply Password Rules on User Registration:
- Login as an Administrator.
- Navigate to 'Settings' --> 'Settings' (/zSettings.aspx).
- On the 'General' tab, locate the flag 'Apply Password Rules to Registration'.
- Tick the box to enable the functionality.
- Click the 'Update' button at the bottom of the page to save.
Related help