Policy Server Guides › Policy Server Configuration Guide › Password Policies › Configure Password Restrictions

Configure Password Restrictions

You configure password restrictions to place restrictions on password usage. Restrictions include:

• how long a user must wait before reusing a password
• how different the password must be from ones previously used

You can also prevent users from specifying words that you determine are a security risk or contain users' personal information.

Note: Restrictions are optional. If you do not want to enable a restriction, leave the respective fields blank.

To configure password restrictions

1. Click the Restrictions tab.

   Password restriction settings open.

   Note: Click Help for descriptions of settings and controls, including their respective requirements and limits.

2. Specify how much time must pass and/or how many new passwords must be created before an old password can be reused in the Reuse group box.

   Note: If you specify both criteria, each must be satisfied before a user can reuse a password.

   Example: A password policy requires users to wait 365 days and specify 12 passwords before reusing a password. After a year, if a user only supplied six passwords, the user would have to supply another six passwords before reusing the first password.

3. Specify how much a new password must differ from the previous password in the Changed Required group box.
4. Specify the number of consecutive characters the password policy compares to personal information stored in user profiles in the Profile Attributes group box.
5. Specify the path to a user-defined dictionary of forbidden passwords and the length of the string compared against values in the dictionary in the Dictionary group box.
6. Click Apply to save the changes or click OK to save the changes and return to the Administrative UI.