eviden-logo

Evidian > Products > Authentication Manager: Multi-factor strong authentication (MFA) for PCs and Servers > Generate Strong Password Format Control Policies

Generate Strong Password Format Control Policies

Evidian Authentication Manager

Enterprise Access Management Tutorial - Configure Password Format Control Policies

Learn how to configure new Password Format Control Policies (PFCP) on the  EAM console in a few clicks .

The Password Format Control Policies define the number of characters, the minimum and maximum lengths and the types of characters required to provide a valid password when authenticating on an application.

Managing Password Format Control Policies

Before starting:

To perform the tasks described, you must have at least the following administration role:

  • In classic administration mode: "Security object administrator".
  • In advanced administration mode, your role must contain the following administration right: "Password format control policy: Creation/Modification".

Creating Password Format Control Policies

In the tree structure of the Directory panel, right-click the organizational unit that must contain your PFCP and select NewPassword Control Policy.

  • The PFCP configuration tab appears.

Configuring Password Format Control Policy

  • To perform this task, you must have at least the following administration role:
    • In classic administration mode: "Security object administrator".
    • In advanced administration mode, your role must contain the following administration right: "Password format control policy: Creation/Modification".

Procedure

  1. Type the PFCP name.
  2. In the Password Format area, set the minimum and the maximum number of characters, the maximum number of the same character allowed in password and specify if you want to allow or prevent the use of successive occurrences of the same character.

Advanced Policies

Click the Advanced Policy button to add forbidden character sequences:

Select the following check boxes:

New and current passwords can't have the same characters at the same position to force the order modification of the characters. Example: if this check box is selected and the old password was apricot, then the new password cannot be apple but parrot for example.

This option is case sensitive to authorize or forbid upper case or lower case letters to be considered as identical letters in the password. Example: If the check box is not selected, then a=A.

Password cannot contain the user's login or display name to prevent the user from using his name or login (sAMAccountName) to create his password. This restriction applies to names longer than 3 characters. Example: the password of John Fab Smith can neither contain John nor Smith but can contain Fab.
This option is available only with Microsoft directories.

Use the Add and Remove buttons to manage the forbidden character sequences, such as QWERTY or 12345.

  1. In the Allowed characters area, set the number of lower case and upper case letters, digits, special characters and the list of these special characters allowed in passwords and their position.
    The Special character list field enables you to specify which of these characters must appear in the password.
    You can also force the use of 3 categories of characters out of the 4 available.
  2. In the Forbidden characters area, create a list of forbidden characters.
  3. Click the Test password generation button to check if the generated passwords correspond to your requirements.

Evidian Products - Protect your company from cyber attacks by unauthorized users

Identity as-a-service

Evidian takes care of everything related to your Identity and Access Management with IDaaS

Learn more   >

Identity Governance and Administration

Manage access and authorization of all your users in your company

Learn more   >

Web Access Manager

Gateway for web apps with SSO, multi-factor authentication, identity federation

Learn more   >

Analytics

Monitoring and powerful reporting for regulatory compliance

Learn more   >

Authentication Manager

Authentication Manager

Enterprise multi-factor & passwordless authentication on Windows PCs

Learn more   >

Enterprise Single Sign-On (SSO)

Secure access to legacy and web apps on PCs & mobiles with SSO

Learn more   >

Self Service Password Reset (SSPR)

Reset Windows passwords online and offline

Learn more   >

SafeKit

High availability software for Evidian and partner applications

Learn more   >

Evidian IAM leader in the French and German markets and in U.S. Public Sector

Evidian IAM

Evidian IAM cyber security tools and solutions – Leader in Identity and Access Management in France

Evidian IAM

Evidian IAM cyber security tools and solutions – Leader in Identity and Access Management in Germany

Evidian IAM

Evidian IAM cyber security tools and solutions – Leader in Identity and Access Management in U.S. Public Sector

What are IAM cyber security tools and solutions?