Default Password Policies for RapidIdentity
  • 14 Nov 2023
  • 1 Minute to read
  • Dark

Default Password Policies for RapidIdentity

  • Dark

Article Summary

Default Password Policies for RapidIdentity

RapidIdentity has its own default password policy set up to keep environments secure. With a good password management system, Administrators can improve on these defaults by including extra criteria for authentication.
The existing policies are as follows:

PolicyDefault ValueDefinition
Required Character Sets4At least one character from each standard character type (Lowercase a-z, Uppercase A-Z, Special Characters !"#$%&'()*+,-./:;=?@^_, digits 0-9.
Minimum Length8The minimum length a password is required to be in order to be accepted as valid.
Maximum Length255The maximum length a password can be to function within the system.
Max Failure5Locks a user out after 5 incorrect passwords have been entered.
Failed Attempts Within5 minTime duration that the Failed Login Attempts must occur within to trigger a lockout.
Lockout Duration0A user that has been locked out for incorrect passwords will remain locked out indefinitely until an Administrator attends to the issue.
Password Must ChangeTRUEEach time a user is required to change their password, a different password must be chosen from the previous entry.
Password Allow User ChangeTRUEUsers can for change their own passwords when needed if not locked out.
Matching AttributesSetUsers can not include account attributes in their passwords, such as firstName, lastName, username, etc.

Recommended Ways to Improve Password Security:

  • Use Multi-Factor Authentication policies for the majority of users (WebAuthn, Pictograph, PingMe, etc.)
  • Enforce a stronger password standard by requiring more characters (10 or more) and more characters of each type (3 special characters, uppercase or numbers)
  • Creating a restricted list of passwords to be automatically excluded from user accounts during verification (mascots, school names, town name, etc.)

Was this article helpful?