PREVIOUS | NEXT
All users can change their own password. As an administrator, you can define a password policy to maximize security and minimize misuse. A password policy is a set of rules designed to enhance security and is enforced when passwords are created or changed in CLM.
To set up a password policy:
- Click Setup > Other > Password Policy.
- Enter the following complexity requirements.
- Minimum Length: Least number of characters that can make up a password for a user account. You can set a value between 8 and 10 characters.
- Maximum Length: Maximum number of characters that can make up a password for a user account. You can set a value between 8 and 20 characters. Maximum password length should not be set too low.
- Expire in Days: The duration after which the password expires. You can set passwords to expire after a number of days between 1 and 365. By default, the password expires in 90 days. This is also the duration at which the user is prompted to change the password.
- Number of unique Passwords before re-use: Number of unique new passwords that must be associated with a user account before an old password can be reused. By default, users cannot reuse the last 5 passwords.
- Type: Character combinations the users can use when creating the password:
- Lowercase Letters, Numbers, and Special Characters
- Uppercase Letters, Numbers, and Special Characters
- Lowercase Letters, Uppercase Letters, Numbers, and Special Characters
A user's account is locked after 5 consecutive invalid login attempts. The user can then request a password reset by clicking on Forgot Password in the login page.
You can specify if a customer should receive a random or preset password when a password reset request is submitted. See Application Setting for detailed information.