Implement a strong Password Complexity Policy to set password strength rules that will enforce minimum corporate standards for password strength.

Password Strength Rules can be set for:

Minimum Length - the minimum number of characters a password must contain. This check can be skipped.

Maximum Length - the maximum number of characters a password may contain. This check can be skipped.

Minimum Lowercase - the minimum number of lowercase characters a password must contain. This check can be skipped.

Minimum Uppercase - the minimum number of uppercase characters a password must contain. This check can be skipped.

Minimum Numeric - the minimum number of numeric characters a password must contain. This check can be skipped.

Minimum Special - the minimum number of non-alphanumeric characters a password must contain. This check can be skipped.

PortalGuard maintains its own password settings apart from those for your user repository. It is recommended that you set PortalGuard's rules equal to or stricter than those for the user repository to ensure that passwords are acceptable to PortalGuard are not considered unacceptable by the user repository.

By setting appropriate rules for each required level of data protection, IT can identify users who might pose a risk, such as through their use of weak passwords. It is important to have a flexible Password Complexity Policy to accommodate all levels of required data protection.

Examples of Possible Password Strength Rules:

Low Data Protection: 6 characters

Medium Data Protection: 8 characters; 1 uppercase letter; 1 lowercase letter; no dictionary words

High Data Protection: 12 characters; multiple uppercase letters; multiple lowercase letters; no dictionary words