Password Policy

The default user password policy requires that all Ipswitch Analytics user passwords:

• Be a minimum of eight characters
• Be a maximum of 20 characters
• Follow the Sturdy password policy: a password cannot be the username or a shorter version of it, cannot contain dictionary words, and must contain at least one numeric and one non-numeric character

• To change the user password policy:

1. Sign in with a System Administrator user account.
2. Go to the Settings module and select the System tab.
3. Select Password Policy. This screen shows the current user password policy.
4. Select a password policy from the list of built-in user password policies, with strengths from low to high:
   • Very Tough: Password cannot contain or be a short version of the username and cannot contain popular dictionary words. Password must contain at least one numeric character, one non-numeric character, one special character (such as $ or !), and contain uppercase and lowercase letters.
   • Tough: Password cannot contain or be a short version of the username and cannot contain popular dictionary words. Password must contain at least one numeric and one non-numeric character, and contain both uppercase and lowercase letters.
   • Sturdy (Default): Password cannot contain or be a short version of the username and cannot contain popular dictionary words. Password must contain at least one numeric and one non-numeric character.
   • Minimal: Password cannot contain or be short version of the username. Password must contain at least one numeric and one non-numeric character.
   • Weak: Password cannot contain or be short version of the username.
   • Almost None: Password cannot be the same as username.
5. For User password minimum size, enter the minimum number of characters the password must be.
6. For User password maximum size, enter the maximum number of characters the password can be.

See also Security for more information on user password security measures in place with Ipswitch Analytics.