Skip to main content
Skip table of contents

Password Policy Setup

A password policy sets certain standards for passwords. such You can set the password complexity and the rules for changing passwords.

A password policy minimizes the risk of using passwords by ensuring that they meet adequate complexity standards to frustrate brute force attacks. They must be changed frequently enough to mitigate the risk of someone revealing or discovering a password.


Steps

  1. On the top right, navigate to 
    cog
     → Manage Users
  2. Navigate to User Management → Auth Configurations
  3. Click the name of the policy to edit the configuration.


    By default, AppBase creates a policy called Tenant Password Policy Configuration

  4. Click the Edit button to set the constraints for the tenant (DB) passwords.


  5. Field description:

    1. Max Invalid Password AttemptsSets the number of invalid password or password-answer attempts allowed before the membership user is locked out.

    2. Password Attempt Window: sets the number of minutes in which a maximum number of invalid password or password-answer attempts are allowed before the membership user is locked out.

    3. Min Required Password Length: Sets the minimum length required for a password.

    4. Min Required Non-Alphanumeric Characters: sets the minimum number of special characters that must be present in a valid password.

    5. Password Strength Regular Expression (REGEX): sets the regular expression used to evaluate a password.

  6. Click Save to commit your change or Cancel to exit without saving.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.