Set a password policy at an organization level
As long as it is allowed at a system level, as an Organization Administrator, you can regulate passwords within your organization by creating a password policy.
Under organization settings, select Security.
Enter the following settings for your policy:
Password Strength: This can be Weak, Medium, Strong, Complex or Custom.
If you choose Custom, enter the minimum required number of Uppercase letters, Lowercase letters, Numbers and Symbols.
Enter the number of characters required in the Minimum length field.
Use the drop-down menu to choose the length of time allowed before Password expiration.
Enter the number of login attempts allowed before Login lockout.
Choose the length of time allowed before Inactive account expiration.
Check the box to Restrict password reuse, and use the drop-down menu to choose the number of times each password may be reused.
Check the box to Restrict password reset, and use the drop-down menu to choose the number of days during which a user can reset their password after their reset request is sent.
Use the drop-down menus to select the amount of time that may pass before Idle timeout and Session timeout.
Select Save.