Password Policy is created to define a format in which the new passwords will be generated by the vault. This is to ensure a configured level of password complexity by enforcing parameters such as minimum length, minimum uppercase, lowercase and numeric characters.
Password policy is like a prerequisite for Rotation policy. Once, a Password policy is created it should be assigned to the desired Rotation Policy which in turn is linked to the asset(s). The system provides a default password policy which is applied in absence of any other password policy. This section provides details for adding a new policy or updating the default policy/existing policy.
-
Configuring password policy | id (4.5)Configuringpasswordpolicy Configuringanewpasswordpolicy
-
Configuring password policy | id (4.5)Configuringpasswordpolicy Modifyingexistingpasswordpolicy
Configuring a new password policy
-
Login as an admin user.
-
Navigate to Policies → Click on Password Policy from the Password Management section.
-
Click on +Add Password Policy.
-
Policy name: Enter the desired policy name like Windows servers password policy.
-
Description: Enter the desired description for this policy.
-
Use Static password (optional and not recommended): This option is only applicable if you choose to use the same password for all the privilege accounts configured with a rotation job associated with this password policy.
-
Parameters: Refer below table:
-
Exclude Char: Enter one or more characters to exclude from the password policy.
-
Ensure First Char: Tick the Any checkbox to have any character as first character of the password. To provide any other specification untick the Any checkbox and select required configuration from the drop-down list.
-
Ensure Last Char: Tick the Any checkbox to have any character as last character of the password. To provide any other specification untick the Any checkbox and select required configuration from the drop-down list.
-
Ensure Middle Char: Tick the Any checkbox to have any character as middle character of the password. To provide any other specification untick the Any checkbox and select required configuration from the drop-down list.
-
Test policy: Click on this button to view a sample password based on the defined parameters.
Password policy parameters
|
Parameters |
Minimum |
Maximum |
Default |
|---|---|---|---|
|
No. of Characters |
2 |
50 |
8 |
|
Upper Case Chars |
2 |
26 |
2 |
|
Lower Case Chars |
2 |
26 |
2 |
|
Numeric case |
2 |
10 |
2 |
|
Special Chars |
2 |
7 |
2 |
You can disable any of the above parameter unchecking the Enforce checkbox.
Modifying existing password policy
-
Login as an admin user.
-
Navigate to Policies → Click on Password Policy from the Password Management section.
-
Click on policy name → Policy configuration will be opened.
-
Do the required changed like changes like no. of characters for password length, changing minimum required Upper Chars, etc.
-
Click on Update to save the changes.