|
|
|
|
|
All passwords must meet all criteria that the administrator configures. After configuring password rules, all future passwords must meet these criteria. All existing users must change their passwords at their next logins if the new criteria are stronger than the previous criteria. Password rules apply only to user profiles stored locally. Password rules on an authentication server must be managed by the authentication server.
In addition, any four contiguous characters in the user name and the password cannot match.
Strong password rules require users to observe strict guidelines when creating passwords, which makes the passwords more difficult to guess and, in theory, more secure. Strong passwords are not enabled in CC-SG by default. A strong password that includes all strong password parameters is always required for the CC Super-User.
You can use the Message of the Day feature to provide advanced notice to users when the strong password rules will be changing and what the new criteria are.