A solid password aging policy forces users to
select different passwords periodically and choose long passwords
that are not frequently reused. Not only does this make it more
difficult for intruders to guess user passwords, it also limits the
amount of time that a cracked password can be used for illicit
To access the password age configuration, open
User Manager For Domains and select Account from the Policies menu.
Here are the Password Restrictions options that will help keep your
network resources secure:
Maximum Password Age: These
settings force users to change their passwords when the passwords
reach a certain age. You can choose options that either Never
Expire Passwords or Expire Passwords after one to 999 days.
Minimum Password Age: These
settings let you Allow Changes Immediately or require that a
password be from one to 999 days old before allowing changes. The
latter option ensures that users can't change their passwords back
to previous passwords after being forced to choose new ones due to
the Maximum Password Age configuration.
Minimum Password Length:
These settings let you Allow Blank Passwords or specify a minimum
length of one to 14 characters.
Password Uniqueness: These
settings allow you to choose Do Not Keep A Password History or
Remember one to 24 passwords back. When you select the latter
option, it prevents users from choosing a previously used password
for a specified number of password changes.