Configuring password policy
Password Policy is created to define a format in which the new passwords will be generated by the vault. This is to ensure a configured level of password complexity by enforcing parameters such as minimum length, minimum uppercase, lowercase and numeric characters.
Password policy is like a prerequisite for Rotation policy. Once, a Password policy is created it should be assigned to the desired Rotation Policy which in turn is linked to the asset(s). The system provides a default password policy which is applied in absence of any other password policy. This section provides details for adding a new policy or updating the default policy/existing policy.
Configuring a new password policy
- Login to the system and select PAM from the product navigator.
Navigate to Policies → Click on Password Policies → Password.
Click on +Add Policy.
Policy name: Enter the desired policy name like Windows servers password policy.
Description: Enter the desired description for this policy.
Use Static password (optional and not recommended): This option is only applicable if you choose to use the same password for all the privilege accounts configured with a rotation job associated with this password policy.
Parameters: Refer below table:
Exclude Char: Enter one or more characters to exclude from the password policy.
- Ensure First Char: Tick the Any checkbox to have any character as first character of the password. To provide any other specification untick the Any checkbox and select required configuration from the drop-down list.
- Ensure Last Char: Tick the Any checkbox to have any character as last character of the password. To provide any other specification untick the Any checkbox and select required configuration from the drop-down list.
- Ensure Middle Char: Tick the Any checkbox to have any character as middle character of the password. To provide any other specification untick the Any checkbox and select required configuration from the drop-down list.
- Test: Click on this button to view a sample password based on the defined parameters.
Password policy parameters
Parameters | Minimum | Maximum | Default |
|---|---|---|---|
No. of Characters | 2 | 50 | 8 |
Upper Case Chars | 2 | 26 | 2 |
Lower Case Chars | 2 | 26 | 2 |
Numeric case | 2 | 10 | 2 |
Special Chars | 2 | 7 | 2 |
You can disable any of the above parameter unchecking the Enforce checkbox.
Modifying existing password policy
- Login to the system and select PAM from the product navigator.
- Navigate to Policies → Click on Password Policies → Password.
Click on the edit button next to the policy name.
Do the required changed like changes like no. of characters for password length, changing minimum required Upper Chars, etc.
Click on Update to save the changes.
Related How-to Articles