Introduction

HelloID Administrators may control the complexity and security of their local HelloID user accounts by configuring their organization's Password Policy. The policy affects all local HelloID users. User accounts that authenticate against other identity providers, such as Active Directory Federation Services, are not affected.

Configure the Password Policy

Navigate to Security > Password > Policies to configure your organization's HelloID password policy. Once there, you have many options to customize the password policy for your HelloID instance.

1. Show password strength requirements
   Enable this to display the specific password requirements to the end user during password reset.
2. Minimum password length
   Minimum 1, maximum 20
3. Maximum password length
   Minimum 8, maximum 50
4. Minimum lowercase characters
   Minimum 1, maximum 20
5. Maximum lowercase characters
   Minimum 8, maximum 50
6. Minimum uppercase characters
   Minimum 1, maximum 20
7. Maximum uppercase characters
   Minimum 8, maximum 50
8. Minimum numeric characters
   Minimum 1, maximum 20
9. Maximum numeric characters
   Minimum 8, maximum 50
10. Minimum special characters
    Minimum 1, maximum 20
11. Maximum special characters
    Minimum 8, maximum 50
12. Regular expression
    New user passwords will be compared against the provided regular expression (regex) pattern. By default, passwords that match will be rejected. If you choose to invert the pattern, passwords that match will be allowed and all others will be rejected.
13. Excluded characters
    If a new user password contains any of the characters supplied in this setting, it will be rejected.
14. Excluded words
    If a new user password contains any word supplied in this setting, it will be rejected. Words should be separated by spaces.