Configure a Password Policy

About

Meet security requirements for the protection of sensitive data by easily setting and enforcing a password policy for your team. Implement a password policy to guide users in how to create secure passwords.

Set a Password Policy

Keep up best practices for security with TrueContext configurable password policy. Provide users with requirements for passwords such as password length and special characters, and prohibit the use of easily-guessed phrases, such as a user's login name.

  1. Log into the TrueContext web portal as a TrueContext Admin user, and go to Team Settings.

    User options "User Profile" and "Team Settings"

  2. Go to the Security tab.

  3. Beside the Password Policy header, select Change Policy.

  4. Set the password requirements that comply with your company’s password policy.

    The following example shows the configuration options available for your password policy.

    Password policy configuration options. You can set the minimum number of characters, which character combinations the password can't include, and whether the password expires.

    1. Passwords must have at least...—specify the minimum number of characters, lowercase characters, uppercase characters, numbers, and special characters.

    2. Passwords cannot contain...—select whether passwords can include spaces, keyboard sequences, alphabet sequences, number sequences, repeated characters, or previous passwords.

    3. Password Expiry—select an expiry period, or select Never if you don’t want passwords to expire. If you set passwords to expire, you can send users a reminder email a set period of time before their password expires.

      The following example shows a password expiry period set to three months. The system sends a reminder email one week before the password expires.

      Password set to expire after 3 months. The system is set to send a reminder email 1 week before the password expires.

      Note:The expiry period starts on the date that the user last changed their password.

  5. Select Update to save the new password policy.

  6. Users will be informed of password requirements when they attempt to change their password.

Note: There are two additional options available in the Security tab under the Password Policy header:

  • Expire All Passwords: Force all users to create a new password that conforms to the password requirements by making their current password invalid. Users will be prompted upon login to change their password.

  • Reset: Revert the password policy to default (8 characters).