Password policy
Passwords are the first line of defense for most accounts, and it's essential to secure them with strong, unique passwords. We recommend that you define a strong password policy for your organization and enforce all users to follow the password constraints specified in it. You can allow your users to generate secure passwords for their accounts based on the organization's password policy. Access Password policy from the Password management section of the Settings tab, then do one of the following
- Enable a default policy
- Create a new policy
Enabling a default policy
You can enable any one of the three default policies defined in Zoho Vault.
Simple
This policy contains less restrictions, and should be used sparingly for storing test accounts and internal non-critical accounts. We do not recommend this policy for storing sensitive credentials.
Moderate
This policy contains moderate restrictions that enforce users to have mixed case and numbers in their password.
Strong (Recommended)
The strong password policy contains extensive restrictions on the minimum password length, and enforces users to create passwords that contain mixed characters, numerals, and special characters.
Here's a detailed list of all constraints associated with the default policies:
Policies Name | Min Length | Max Length | Password Validity | Mandatory password constrains |
Simple | 4 | 8 | 60days |
|
Moderate | 6 | 8 | 60days |
|
Strong | 8 | 14 | 60days |
|
Note: The default policies cannot be edited or deleted in Zoho Vault.Creating a custom password policy
Create a password policy with your own constraints to match your company's security policies.- Select Password policy under the Password management section of the Settings tab, then click Add
- Enter the policy name, and the minimum and maximum password length. Specify one of the following password constraints:
- Must start with a letter
- Must include mixed cases
- Must contain numbers or special characters
- Number of special characters required
- Characters that are not allowed
- Password validity
- Click Save.
Related Articles
Configure password policy
Passwords are the most commonly used authentication factor. Many users reuse the same, insecure password for all their online accounts, compromising their organization's security. To protect yourself from this common pitfall, make it mandatory for ...How to set password preference for export policy
As a measure of security, you can use passwords to protect the files that are exported. You can use Zoho Campaigns' default password or set a password specific to a particular file. By default, Zoho Campaigns' default password will be set for the ...Reorder policy priority
Since multiple policies can be added to a group, policy priority plays an important part in deciding which policies will be applied to a user. Let's look at an example to understand policy priority. The group "Weekend Shift" has four members: Amelia, ...Can I configure a Password Policy for the users in my organization?
You can configure a password policy for the users in your organization. The Password policy can include one or many of the below: Password expiration period, Password History, Combination of Alphabets, Numbers and Special characters. Refer here for ...Setting export policy
Password preference lets administrators allow users to set a password for file export. Setting a password is not mandatory but it's be safer to opt for a password while exporting data. Prerequisites You need the Standard Admin role to edit ...