Password Validation Process

In many cases, the password policy for an application applies to all users, so there is only one password policy per application. Sometimes, more than one policy is created for a single application to specify different password requirements for different levels or types of user access. In the password management process, when a user's password is being changed, the policy checker scans all of the policies that apply to the identity and creates one super-policy that covers all of the restrictions for that user.

If no password policy is defined for the application, no password policy is enforced and any password entered for a password change is accepted by IdentityIQ and passed to the application to be set as the account's new password.