Use the glide.enable.password_policy property to enable password policy checks whenever a user changes their password using the user interface.

To define which password policy to use once this property is enabled, see Enable password policies on your instance.

Note: The glide.enable.password_policy does not apply when an administrator changes a password or adds a user through script.

More information

AttributeDescription
Property name glide.enable.password_policy
Configure in Instance Security Center Yes
Configuration type System Properties (/sys_properties_list.do)
Purpose To apply password policy at time of password change.
Recommended value true (for higher strength passwords)
Functional ImpactSetting the property to true turns on password policy checks when a user resets their password.
Security risk (Medium) Without a password policy, a user can create a weak password which increases the likelihood of an adversary gaining access to the instance.

Steps to configure

If you configure this setting in the Hardening Compliance Configuration page in the Instance Security Center:
  1. Under Medium, Select Session Management.
  2. In the Enable Password Reset Policy Check setting, select Medium for medium strength passwords, or Strong for more robust, higher strength passwords. Selecting one of these options sets the glide.enable.password_policy property to true and starts a workflow that automatically updates your password policy.

Additionally, you can set the glide.apply.password_policy.on_login system property to enable password policy checks at the time of log in.