Set a password policy at a system level
Regulate passwords at a system level by creating a password policy.
Under system settings, select Security.
Under Default password policy, select the box if you want to Allow organization override. This way organization administrators can set password policy for their organizations.
Enter the following settings for your policy:
Set the password strength. This can be Weak, Medium, Strong, Complex or Custom.
If you choose Custom, enter the number of minimum Uppercase letters, Lowercase letters, Numbers and Symbols required.
Enter the number of characters required in the Minimum length field.
Use the dropdown to choose the length of time allowed before Password expiration.
Enter the number of login attempts allowed before Login lockout.
Enter the length of time allowed before Inactive account expiration.
Check the box to Restrict password reuse, and use the dropdown to choose the number of times each password may be reused.
Check the box to Restrict password reset, and use the dropdown to choose the number of days during which a user can reset their password after their reset request is sent.
Use the dropdowns to select the amount of time that may pass before Idle timeout and Session timeout.
Select Save.