Set advanced password security options. You can specify a time limit for user passwords, specify the number of failed login attempts allowed before users are locked out of the system, and specify whether you want to allow users to define their own passwords in place of the automatically generated one. These settings will apply to all user accounts in the subscription.
Note that when the partner has implemented a single sign-on solution, the password security options are not available and disabled from the user interface.
1. Go to Setup > Security.
2. The following password security options are available:
• Password expires after <number> months. Select this check box, and then define how long a user's password should be considered valid. The expiration time limit starts from the date the password was last changed or initialized.
• Lock account after <number> failed login attempts. Select this check box, and then select the number of failed login attempts allowed before a user is locked out of the system. This is to prevent password brute forcing attacks.
• Allow user defined passwords. Select this check box to allow users to create their own passwords. When selected, each user can go to the Change Password page (Setup > Change Password) to define their own user account password, following the password guidelines that you define. See Securely Distribute PDF Reports. If this option is not selected, then the service will automatically generate strong passwords for user accounts.
• Minimum length of password is <number> characters. (Applicable only when user defined passwords are allowed.) Select to enforce a minimum password length for user defined passwords, and then enter between 6 and 16 characters. If you do not select this check box, then users can define a password of any length.
• Password must contain alpha and numeric characters. (Applicable only when user defined passwords are allowed.) Select to enforce that users include both alpha and numeric characters when defining their own passwords. This combination strengthens password security. Service-generated passwords always contain a mix of alpha and numeric characters.
Click Save.
Restricting Access to the Service