Password Policy
Password Policy Options
Select Tools > Admins & Permissions > Password Profile to display the password policy options.


Device42 administrators can define user password policy requirements and expiration settings to increase password strength and improve security.


Policy settings include:
- Minimum password length
- Minimum number of uppercase, numeric, and special characters
- Password expiration timing
- User account locking after specified number of invalid login attempts
caution
Please note that Lock accounts is a global setting that applies to all users, including admin superusers. If you enable account locking, ensure that you create a second superuser in case the main admin user is locked out, as Device42 is unable to unlock accounts.
- User alerts for password expiration
Select the options you want to enforce and the values for your password rules, and then click Save.
User Login
- A login attempt with an invalid password counts against account lockout.
- If a user enters a valid password after their password has expired, they are prompted to change their password.
- Users are alerted the designated number of days prior to password expiration.
- Users locked out of their account see an alert when they try to login and must contact their administrator to regain account access.


User Password and Account Status
The Tools > Admins & Permissions > Administrators page displays the current password and account status for each user. Administrators can expire a user’s password, exempt a user from password expiration, and unlock a user’s account.

