Go To Dashboard

Password Policy

Developer

The Password Policy feature allows you to enhance authentication security by defining the password rules. This guide will help you in setting a Password Policy using various password scales.

To set a Password Policy, login to your LoginRadius Dashboard account, from the left navigation panel, click Security and then navigate to the Password Policy section.

Click the down arrow or anywhere within the section, the Password Policy screen will appear:

Password Policy Configuration

LoginRadius allows you to set up password strength from Weak to Very Strong with a set of predefined rules, or you can set your custom rules for the password.

Set of Rules

LoginRadius provides a predefined list of rules for your ease, or you can select the Custom option to set the desired policy rules. The following explains what each rule offers:

Weak

Allows your customers to set passwords from min length 6 to max length 20 with alphanumeric characters.

Medium

Allows your customers to set passwords from min length 6 to max length 20 with at least 1 uppercase character, 1 special character and 1 digit required. Commonly used passwords will not be allowed to be set as passwords.

Strong

Allows your customers to set passwords from min length 6 to max length 20 with at least 1 uppercase character, 1 special character and 1 digit required. Commonly used passwords, dictionary words, profile words will not be allowed to set as passwords. Also, the customers cannot use the last 3 passwords again for their account.

Very Strong

Allows your customers to set passwords from min length 6 to max length 20 with at least 1 uppercase character, 1 special character and 1 digit required. Commonly used passwords, dictionary words, profile words will not be allowed to set as passwords. Also, the customers cannot use the last 3 passwords again and must change passwords each month.

Custom

To set up a custom password policy ruleset, click anywhere on the Custom scale. The Custom Password Policy screen will appear:

Password Policy

Enter or select the following configuration details:

  • Password Validation: The Password Validation allows you to set the length (6 to 32 ) and type of the password (alphabet, alphanumeric or Most used combination).

    • Note: Most used combinations contain at least 1 uppercase character, 1 special character, one number.

      Password Policy

  • Common Password Protection: Common Password Protection enables you to prevent customers from using common passwords. The list of common passwords is maintained by LoginRadius and gets updated regularly.

  • Profile Password Prevention: Profile Password Prevention enables you to prevent your customers from using the profile data for the account password. For example, the values of customer profile fields like username, email id, first name, etc cannot be used as an account password.
  • Dictionary Password Prevention: Dictionary Password Prevention enables you to prevent your customers from setting the dictionary passwords. LoginRadius uses this dynamic Password Dictionary to avoid the use of dictionary passwords.
  • Password History: You can configure the number of unique passwords a customer must set before reusing an old password. This enables you to enhance security by ensuring that old passwords are not reused frequently.
  • Password Expiration: You can set the password expiry configuration to request an updated password from your customers periodically. This feature allows you to customize how often you want your customers to reset their passwords.
Edit on GitHub