Password Policies

This article explains the process of managing Password Policies on the Users & Teams page.

  • To manage the Password Policies, go to Users & Teams > Password Policies and click the Edit button. You can edit both the Policy for All Administrators and the Policy for All Users.

Policy for All Administrators:

This password policy applies to all administrator accounts of the management portal.

Policy for All Users:

This password policy applies to all user accounts that require a Timus password. Users who sign in through single sign-on with a third-party Identity Provider account do not have Timus passwords, so they are not bound by this policy.

Active Rules:

There are 11 password policy rules. By default, 6 of them are active and 5 are inactive, as shown in the images below.

Once you click Edit, you can configure the rules however you want.

Minimum character length: This rule is always active. You can change the minimum character length, which is 8 by default, to any number you want.

Minimum number of lower case letters: We recommend requiring at least 1 lower-case letter to make passwords stronger.

Minimum number of upper case letters: We recommend requiring at least 1 upper-case letter to make passwords stronger.

Minimum number of digits (0-9): We recommend requiring at least 1 digit to make passwords stronger.

Minimum number of special characters: If selected, the password must include special characters such as !@#$-%&*+. We recommend requiring at least 1 special character to make passwords stronger.

Maximum number of consecutive digits: For example, if 3 is selected, the password can include up to 3 consecutive digits such as 01, 012, 123, 456 or 789, but not 4 consecutive digits such as 0123.

Cannot use commonly used passwords: Automated tools used by bad actors can detect commonly used passwords very easily, so using them creates a vulnerability. This check is case-insensitive.

Cannot contain keywords: Add the keywords that you do not want users/admins to use in their passwords. A maximum of 10 keywords can be entered.

Cannot contain first part of user's email address: For example, the password of the user with the email address johndoe@abc.com cannot contain the text 'johndoe'.

Cannot contain user's first name: If you activate this, users/admins cannot use their first name in their passwords. This check is case-insensitive.

Cannot contain user's last name: If you activate this, users/admins cannot use their last name in their passwords. This check is case-insensitive.
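
The rules above expressed as a password checker, as an added example that is not Timus code. It assumes "consecutive digits" means an ascending run such as 0123, treats the keyword and email checks as case-insensitive, and uses constructed policy values, keyword and common-password list.

```python
from dataclasses import dataclass

SPECIALS = "!@#$-%&*+"                 # the example characters the page lists
COMMON = {"password1!", "qwerty123"}   # constructed sample list, not a real one

@dataclass
class Policy:                          # constructed values; only min_length=8 is the page's default
    min_length: int = 8
    min_lower: int = 1
    min_upper: int = 1
    min_digits: int = 1
    min_special: int = 1
    max_consecutive_digits: int = 3
    keywords: tuple = ("timus",)       # the page allows at most 10 keywords

def longest_digit_sequence(password):
    """Longest run of ascending digits, e.g. '0123' -> 4 (assumed reading of the rule)."""
    best = run = 0
    prev = None
    for ch in password:
        if ch in "0123456789":
            run = run + 1 if prev is not None and int(ch) == prev + 1 else 1
            prev = int(ch)
        else:
            run, prev = 0, None
        best = max(best, run)
    return best

def violations(password, policy, email, first_name, last_name):
    """Return the names of the rules the password breaks, in rule order."""
    low = password.lower()             # used for the case-insensitive checks
    counts = {
        "min_lower": sum(c.islower() for c in password),
        "min_upper": sum(c.isupper() for c in password),
        "min_digits": sum(c in "0123456789" for c in password),
        "min_special": sum(c in SPECIALS for c in password),
    }
    out = ["min_length"] if len(password) < policy.min_length else []
    out += [rule for rule, n in counts.items() if n < getattr(policy, rule)]
    if longest_digit_sequence(password) > policy.max_consecutive_digits:
        out.append("max_consecutive_digits")
    if low in COMMON:
        out.append("common_password")
    if any(k.lower() in low for k in policy.keywords):
        out.append("keyword")
    banned = {"email_local_part": email.split("@")[0],
              "first_name": first_name, "last_name": last_name}
    out += [rule for rule, text in banned.items() if text and text.lower() in low]
    return out
```

For example, `violations("Summer0123!", Policy(), "johndoe@abc.com", "John", "Doe")` reports only the consecutive-digit rule, because 0123 is a run of 4.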
