Ideagen Luminate logo Ideagen Luminate logo
Navigation
Need help?
Send feedback
Sign in
This page does not meet FedRAMP security standards. Please avoid entering sensitive or classified information. Learn more
Learn more
Learn more

Looking for help?

Common queries

View all

Send us feedback

Megaphone illustration

Before you start

This form is for Ideagen Luminate feedback only. Your submission will not receive a response.

Looking for support? Select the solution you need help with and open a ticket with us.
New article Recently updated

Understanding the password policy

By Jackie Sexton
  • Last updated
⌘ K
Search this article
Print this article

Who is this article for?

Users and Administrators who want to understand the password policy 

No elevated permissions are required.

Multiple password rules may be combined to establish a Password Policy that aligns precisely with an organization's enterprise password requirements and security standards.

Password-Policy.png

  • Minimum length: The length of a password is a fundamental factor in determining its strength. Security professionals recommend a minimum of eight characters.
  • Maximum length: The typical maximum length for passwords is generally 64 characters.
  • Minimum number of numeric characters: Digits ranging from 0 to 9.
  • Minimum number of alphabetic characters: Letters from A to Z.
  • Minimum number of lowercase characters: Also referred to as small letters (a, b, c, etc.).
  • Minimum number of uppercase characters: Also referred to as capital letters (A, B, C, etc.).
  • Minimum number of non-alphanumeric characters: Special symbols such as dashes or dollar signs, excluding numbers and alphabetic characters.
  • First character must be numeric: Digit from 0 to 9. No value is required.
  • First character must be alphabetic: Letter from A to Z. No value is required.
  • First character must be non-alphanumeric: A special symbol such as a dash or dollar sign. No value is required.
  • Last character must be numeric: Digit from 0 to 9. No value is required.
  • Last character must be alphabetic: Letter from A to Z. No value is required.
  • Last character must be non-alphanumeric: A special symbol such as a dash or dollar sign. No value is required.
  • Password expires every (in days): Passwords typically expire every 60 to 90 days.
  • New users must change their password upon first login: A security measure to ensure that the password is not known by any other party. No value is required.
  • Forbidden character: A security measure that prohibits the use of specific characters or character sequences.
  • Forbidden password: A security measure that prevents the use of certain passwords.
  • Failed login attempts before lockout: A security measure that limits the number of unsuccessful login attempts to deter potential attackers from making multiple random attempts.

Caution when applying a rule more than once
While rules such as Forbidden Characters, strings, and passwords may be applied as often as necessary, applying other rules multiple times may result in conflicting outcomes.

Expire All Passwords
Administrators can require all users to change their passwords upon their next login by selecting Expire All Passwords, thereby mitigating the risk associated with potentially compromised credentials.

What do you think about this article?

Your feedback helps us improve

More articles in this section

Looking for more help? Ask the Community

On this page