RapidIdentity Administrators' and Users' Guide

Create a Custom Password Policy

Password Policies ensure that when passwords are set or reset, they comply with your organization's policy for complexity. They can also prevent insecure values as well as prevent unwanted characters. The steps below will walk you through the basic steps for this process, and more information on the available fields is available in the Password Policy Manager section.

  1. Log in to RapidIdentity as an administrator.

  2. Navigate to the Configuration module.

    Dashboard_Configuration.jpg

  3. Click Password in the Policies section.

    Policies_Password_Main.jpg

  4. There are two types of policies: Default Password Policy and Custom Password Policy, which would be any policy that is not the default. If a custom policy is set up with the "Default Policy" box checked, that custom policy will become the new default policy.

    Note

    RapidIdentity will only allow one Default Policy at a time.

    To create a custom policy, click the + button below the Policy List. This creates a new policy called "New Password Policy."

    PW_Pol_Proc_-_Add_Policy.jpg

  5. In the General tab, give the policy a Name and Description. Click the Enabled checkbox to Enable it. In this example, we are creating a policy that will apply to the Accounting group.

    PW_Pol_Proc_-_General_Tab_1.jpg

  6. The Access Control setting is where we define whom the policy will affect. For this example, we clicked the dropdown and chose Attribute-based. You can also use Role-based and select roles to apply the policy to. In the Attribute ACL field, enter an LDAP statement that includes the desired group. In this example, we used (department=Accounting).

    Note

    If the "Default Policy" box is checked above, this field will not be visible.

    Attributes.jpg

  7. The rest of the settings on this page are optional and explained further in the Password Policy Manager section below. For now, move to the Password Syntax tab.

  8. In this screen, you can go through each of the different settings and customize your policy, or click the Meet AD Complexity Requirements button to populate these requirements automatically.

    AD_Complexity_Reqs.jpg

  9. Click the Restricted Passwords tab for the final configuration set. Update settings as desired, or leave as default.

    Restricted_Passwords_Final.jpg

Important

After all desired settings have been finalized, click Save before navigating away from this module.

In this section: