Requirements for passwords

A password must meet the following requirements in a standard configuration. These requirements are enforced when changing a password.

  • Be at least 12 characters long.
  • If less than 20 characters long, it should contain at least three of the following character types: lowercase letters, uppercase letters, digits, and other (symbols, punctuation, and so on).
  • For languages without lowercase/uppercase distinction, all three following character types should be present: letters, digits, and other (symbols, punctuation, and so on).
  • Not have been used by this user in the previous 12 months.
  • Additionally, if the organization has a list with forbidden passwords, the password should not be on this list. For information on how to configure a list of forbidden passwords, see Configure a list of forbidden passwords.

You can configure the two password lengths (12 and 20 by default) and the retention period for old passwords. For more information, see Adjust the password policy settings.
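The requirements above written as a validator, added here as an illustration and not the product's own code. Assumptions: the history layout (salt, PBKDF2 digest, last-used time), 12 months taken as 365 days, exact-match lookup in the forbidden list, and both character-type rules applying only below the longer length.

```python
import hashlib, hmac, unicodedata
from datetime import datetime, timedelta

MIN_LEN, LONG_LEN = 12, 20        # page defaults; both are configurable
HISTORY = timedelta(days=365)     # "12 months", taken as 365 days (assumption)
ROUNDS = 600_000                  # PBKDF2 work factor (assumption)

def digest(password, salt):
    """Salted PBKDF2 digest, so old passwords are never kept in clear text."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ROUNDS)

def char_types(password):
    """Classify every character by its Unicode general category."""
    types = set()
    for ch in password:
        cat = unicodedata.category(ch)
        if cat == "Ll":
            types.add("lower")
        elif cat in ("Lu", "Lt"):
            types.add("upper")
        elif cat.startswith("L"):  # Lo/Lm: letters without case (CJK, Hebrew, ...)
            types.add("letter")
        elif cat == "Nd":
            types.add("digit")
        else:
            types.add("other")     # symbols, punctuation, spaces and so on
    return types

def violations(password, forbidden=(), history=(), now=None):
    """Return the violated rules; an empty list means the password is accepted.
    history: (salt, digest, last_used) tuples for this user (assumed layout)."""
    now = now or datetime.now()
    found = []
    if len(password) < MIN_LEN:
        found.append("too_short")
    if len(password) < LONG_LEN:
        types = char_types(password)
        cased_ok = len(types & {"lower", "upper", "digit", "other"}) >= 3
        caseless_ok = {"letter", "digit", "other"} <= types
        if not (cased_ok or caseless_ok):
            found.append("too_few_character_types")
    if password in forbidden:
        found.append("forbidden")
    for salt, old, last_used in history:
        # Only entries inside the retention window block reuse.
        if now - last_used <= HISTORY and hmac.compare_digest(digest(password, salt), old):
            found.append("reused")
            break
    return found
```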

When an incorrect password is provided five consecutive times (default setting) at login, the user account is locked out. To unlock it, the administrator has to reset the password of this user account. For more information on how to reset a user's password, see Reset a password.