Implementation Guide › Architectural Considerations › Implementation Considerations › Identify Password Management Options

Identify Password Management Options

Do any security policies require your organization to manage user passwords? Do you anticipate managing user passwords in the future?

You can use SiteMinder password policies to enforce the password requirements of your enterprise. A password policy can validate the user's password against any of the following types of characteristics before accepting it:

• Composition

  Verifies the minimum or maximum length, the types of characters allowed, and if or how often any of those characters can be repeated in a password.

• Age

  Verifies the time limits for how long the same password can be used, how long a password can remain inactive before it must be changed, and how long or how often before an expired password can be reused. You can specify one of the following responses for users with expired passwords:

  • disable their accounts
  • force them to change their passwords
• Attempts

  Records the number of times the user has previously entered an incorrect password, and takes one of the following actions when that number is exceeded:

  • disables the account.
  • waits a specified time period before allowing either one login attempt or reenabling the account.

Note: For more information, see the SiteMinder Policy Server Configuration Guide.