Default Password Policies for RapidIdentity
- 14 Nov 2023
RapidIdentity has its own default password policy set up to keep environments secure. With a good password management system, Administrators can improve on these defaults by including extra criteria for authentication.
The existing policies are as follows:
Policy | Default Value | Definition |
---|---|---|
Required Character Sets | 4 | At least one character from each standard character type (Lowercase a-z, Uppercase A-Z, Special Characters !"#$%&'()*+,-./:;=?@^_, digits 0-9). |
Minimum Length | 8 | The minimum length a password is required to be in order to be accepted as valid. |
Maximum Length | 255 | The maximum length a password can be to function within the system. |
Max Failure | 5 | Locks a user out after 5 incorrect passwords have been entered. |
Failed Attempts Within | 5 min | Time duration that the Failed Login Attempts must occur within to trigger a lockout. |
Lockout Duration | 0 | A user that has been locked out for incorrect passwords will remain locked out indefinitely until an Administrator attends to the issue. |
Password Must Change | TRUE | Each time a user is required to change their password, the new password must be different from the previous one. |
Password Allow User Change | TRUE | Users can change their own passwords when needed if not locked out. |
Matching Attributes | Set | Users cannot include account attributes in their passwords, such as firstName, lastName, username, etc. |
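The defaults in the table, expressed as a checker that can be used to test candidate passwords and failed-login sequences against them. This is an added example, not RapidIdentity code: the function and constant names are this example's own, and the substring-based attribute match, the plaintext comparison with the previous password, and the inclusive 5-minute window are assumptions about behaviour the table does not spell out.

```python
import string
from datetime import datetime, timedelta

# Values copied from the defaults table; the names are this example's own.
SPECIALS = "!\"#$%&'()*+,-./:;=?@^_"
CHARSETS = [string.ascii_lowercase, string.ascii_uppercase, SPECIALS, string.digits]
REQUIRED_SETS, MIN_LEN, MAX_LEN = 4, 8, 255
MAX_FAILURE, WINDOW, LOCKOUT_DURATION = 5, timedelta(minutes=5), timedelta(0)


def policy_violations(password, attributes, old_password=None):
    """Return the list of default-policy rules the candidate password breaks."""
    problems = []
    if len(password) < MIN_LEN:
        problems.append("Minimum Length")
    if len(password) > MAX_LEN:
        problems.append("Maximum Length")
    used = sum(any(c in cs for c in password) for cs in CHARSETS)
    if used < REQUIRED_SETS:
        problems.append("Required Character Sets")
    # Assumption: attribute matching is a case-insensitive substring test.
    lowered = password.lower()
    if any(v and v.lower() in lowered for v in attributes.values()):
        problems.append("Matching Attributes")
    # Assumption: the previous password is available for a direct comparison.
    if old_password is not None and password == old_password:
        problems.append("Password Must Change")
    return problems


def is_locked_out(failures, now):
    """failures: datetimes of failed logins since the last success or unlock."""
    failures = sorted(failures)
    for i in range(len(failures) - MAX_FAILURE + 1):
        last = failures[i + MAX_FAILURE - 1]
        # Assumption: the window is inclusive (exactly 5 minutes still counts).
        if last - failures[i] <= WINDOW and last <= now:
            # Duration 0 means the lock holds until an Administrator clears it.
            if LOCKOUT_DURATION == timedelta(0) or now < last + LOCKOUT_DURATION:
                return True
    return False


# Constructed sample: five failed logins one minute apart.
SAMPLE_FAILURES = [datetime(2023, 11, 14, 9, m) for m in range(5)]
```

With the default Lockout Duration of 0, `is_locked_out` keeps returning `True` for any later `now` until the failure list is cleared, which mirrors the Administrator-only unlock described in the table.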
Recommended Ways to Improve Password Security:
- Use Multi-Factor Authentication policies for the majority of users (WebAuthn, Pictograph, PingMe, etc.)
- Enforce a stronger password standard by requiring more characters (10 or more) and more characters of each type (3 special characters, uppercase or numbers)
- Create a restricted list of passwords to be automatically excluded from user accounts during verification (mascots, school names, town name, etc.)