Skip to content

Password Requirement Options

You can set the following password requirements when creating or editing a password policy.

See the table below for requirement descriptions and examples.

Requirement Title Description Default Value Example Value Valid Password Invalid Password
Maximum length The maximum number of characters allowed. None 12 password passwordpassword
Minimum length The minimum number of characters allowed. 8 8 password pass
Minimum letters The minimum number of letters. 1 2 password, a123Z, BR650 p12345
Minimum uppercase The minimum number of uppercase letters. 0 2 PAssword, PASSWORD password, Password
Minimum lowercase The minimum number of lowercase letters. 0 2 PASSWOrd, password PASSWORD
Minimum digits The minimum number of digits. 1 2 password12 password1
Minimum special characters The minimum number of special characters that are not letters or digits.
Note: Passwords cannot include a colon (:).
0 2 (Acceptable special characters:
~!@#$%^*()/_+-`-={}\|][;?,.&><'" and spaces)
p@$sword p@ssword, p@ssword1
Minimum character types The number of categories required (uppercase, lowercase, digits, and special characters) described above.
Best practice: Set each category to 1 and then set Minimum character types to be equal to the number of categories you configured.
None 3  (Selected options: Minimum uppercase, Minimum lowercase, Minimum digits) Password1 password, password1
Maximum repeated characters The maximum number of times a character may be repeated after the first occurrence. All 2 password passsword
Prevent use of account attributes If checked, this requirement prevents users from including attribute values from their account on the source in their password. Unchecked In Active Directory: Display name: John Smith Phone: 555-555-1234 password password5555551234, passwordJohn
Prevent use of identity attributes If checked, this requirement prevents users from including attribute values from their IdentityNow account in their password. Unchecked In IdentityNow: Display name: John Smith Phone: 555-555-1234 password password5555551234, passwordJohn
Disallow display name fragments If checked, this requirement prevents users from including any part of their IdentityNow display name with a length greater than the Fragment char length in their password. Unchecked Fragment char value: All Display name: John Smith Fragment char length: 3 password, passwordJoh, passwordSmi passwordJohnSmith, passwordJohn, JohnSmith, hnSm
Disallow account ID fragments Prevents users from including any part of their IdentityNow account ID in their password with a length greater than the Fragment char length. Unchecked Fragment char value: All Account ID: john.smith Fragment char length: 3 password, passwordjoh, passwordsmi passwordjohn, passwordn.smi

You can further customize your password requirements by creating a password dictionary. If you select the checkbox for Prevent use of words in this site's password dictionary, users of your site won't be allowed to use words in the password dictionary.

Note

IdentityNow cannot process non-English characters as letters. If you have users who are likely to use non-English characters in their password, we recommend that you don't set a minimum letter limit for their passwords so they can set their passwords more easily.