Password Policy

This section helps an administrator to configure the password policy and rules for an organization. To set up the password policy follow these steps: 

  1. Login with administrator credentials 
  2. Click on the Settings icon at top right corner on the Home page.  
  3. From the left menu bar, select Advanced.  
  4.  Click Password Policy. 

There are three sections to Password Policy. These are: 

  1. Complexity 

A complex password uses different types of characters in unique ways to increase security and is difficult to detect by both humans and computer programs, effectively protecting data from unauthorized access. Passwords are typically case-sensitive, so a strong password contains letters in both uppercase and lowercase and can have combination of different special characters. 

MDO uses the below characteristics to make password more secure: 

Options  Description 
Uppercase (A-Z)  Selecting this checkbox forces users to add at least one character in upper case in the password. 
Lowercase (A-Z)  Selecting this checkbox forceusers to add at least one character in lower case in the password. 
Digit (0-9)  Selecting this checkbox forces users to add at least one numeric character in the password. 
Special characters  Selecting this checkbox forces users to add at least one special character in the password. 
Initial Login reset password?  Selecting this checkbox will force user to change the password on the initial /first login.  

This option will come into use when an administrator sets or resets a password. 

 2. Password Restrictions 

There are two types of restrictions which can be applied to a password policy. The table below provides some brief information on the types of restrictions:

Restriction Type  Description 
System Defined Value  MDO comes with predefined restriction types which can be used in password policy such as: 

  • First Name 
  • Last name 
  • User id 

When setting up a password if these restriction rules are applied then user cannot use their first name, last name or user id in their passwords. To add system defined value restrictions follow below steps: 

  1. Click on Add Text. 
  1. Select System Defined Value’ as Restriction Type. 
  1. Select the Restriction Value and click Save. 
  1. To add other values, repeat the process again from step 1. 
User Defined Value  There are some specific values or characters which an administrator may wish to restrict in password. To add user defined restrictions, follow these steps: 

  1. Click on Add Text. 
  1. Select ‘User Defined Value’ as Restriction Type. 
  1. Enter the value which you want to restrict i.e. #” or “@” and click Save. 
  1. To add other valuesrepeat the process again from step 1. 

 3. Other Details 

Other than complexity and restriction rules there are other criteria which can be applied to the password policy to make passwords more secure. These options include: 

Options  Description 
Password Length  Password length describes the minimum length of password. Generally, a minimum of eight characters for a password length is recommended but may be increased as per the company password policy. 
Password History count  Password history count ensures that the same password is not used again. For example, if the history count is set as “3” then user cannot use the last three passwords. 
Maximum Password Age (Days)  The Maximum Password Age policy setting determines the period (in days) that a password can be used before the system requires the user to change it. You can set passwords to expire after several days between 1 and 999. 
Account locked after failed login attempts  The system provides an option to specify the number of failed login attempts before a user account is locked. For example, if the failed login attempt is set as “4” then after four incorrect login attempts the user account gets locked. Only an administrator can unlock the user account.