Identity Cloud

Password policy


Configure a password policy when you want a customized rule for creating valid sign-in passwords. The rule—or policy— applies to users who sign into your registered apps within a realm.

You can configure only one password policy per realm.

By default, Identity Cloud password policy is set to the minimum security requirements established by the National Institute of Standards and Technology (NIST). Any changes you make to the password policy must conform to requirements contained in their guidelines. See Digital Identity Guidelines.

Configure a password policy

  1. In the Identity Cloud admin UI, go to Security > Password Policy.

  2. Choose the realm the password policy will apply to.

  3. Edit password policy details.

    Password length

    Minimum 8 characters. No maximum.

    Cannot include

    An enabled option restricts the use of:
    ・More than 2 consecutive characters (Example: aaaaaa)
    ・Commonly-used passwords (Examples: qwerty or 12345678)
    ・Part of Alpha realm - User attributes
        From the drop-down list, specify user attributes that cannot be used.

    Must contain

    An enabled option requires at least 1:
    ・Upper case letter
    ・Lower case letter
    ・Space, pipe, or special character:
        ( ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { } ~ ) .

    Cannot reuse

    When enabled, restricts user from reusing the specified number of previously set passwords.

    Force password change

    When enabled, requires user to reset their password after the specified number of days has elapsed.

  4. Click Save.

Copyright © 2010-2022 ForgeRock, all rights reserved.