Implement an effective Password Expiration Policy and have the ability to set password expiration intervals and select a grace period in which expired passwords must be changed.

The Password Expiration Policy will require users to create a new password at predetermined times defined by IT. Of course, the frequency that IT might want passwords to change is based on the sensitivity of the assets being protected.

PortalGuard's Password Expiration Policy can implement the following (only if desired):

Grace Period - The number of days after a user's password expires that will still be allowed to login using the current password. When logging in with an expired password, the user will receive notification of the number of days until the grace period ends and have the option of continuing the login without changing their password. When the grace period ends, the user will be forced to change their password in order to login to the web server.

Expire on First Use - The first time a user logs in through the PortalGuard interface, they can be required to change their password immediately. This is one way to force the user to comply with the password complexity rules enforced by PortalGuard.