Configure the password policy

Use the Password Policy page to configure your user-password policy to meet your organization’s security requirements.

Field descriptions

NOTE   These settings apply only to passwords managed by Calabrio ONE. Passwords handled by an external identity provider (IdP) via single sign-on adhere to that IdP’s unique password policy.

Field Description

Minimum password length

The minimum number of characters a user’s password must be for your organization. The Calabrio ONE minimum password length is eight characters. Default value = 8.

Prevent reuse of the last ___ passwords

Select this check box to prevent users from setting a password that matches any of a specified number of previous passwords. Default value = 5

Require new password after ___ days

Select this check box to require users to set a new password after a specified number of days. You are notified upon login if your password is set to expire within seven days. If your password expires, you must set a new password the next time you log in. Default value = 90.

NOTE   If you shorten the expiration period, you can cause existing passwords to expire. For example, if you shorten the expiration period from 90 days to 60 days, passwords that are older than the new 60-day limit will become expired.

Lock user account after ___ failed login attempts

Select this check box to lock a user’s account after a specified number of failed login attempts. If a user’s account becomes locked, that user will be unable to log in until they reset their password, or an administrator unlocks the account or resets the password. Default value = 5.

A user with the Administer Password Policy permission can unlock an account from the Users page (see Manage users).

NOTE   If a user’s account is locked, login will be disabled through both Calabrio ONE and single sign-on. However, an account only becomes locked following failed Calabrio ONE login attempts. Failed single sign-on login attempts are handled by the IdP.

NOTE   This option is enabled by default for new customers starting with Version 10.0 Update 2017.9. Customers who configured their password policy before the release of Version 10.0 Update 2017.9 will maintain those settings.

Some additional password complexity requirements are not configurable. These requirements are described below.

Passwords must conform to the following rules.

  • Must be a minimum of 8 characters.
  • Must contain at least one of each of the following.

    Uppercase letters
    Lowercase letters
    Numbers 0-9
    Special characters ! # $ % & ( ) , . / : ; = ? @ ^ ` |

  • Cannot contain your name or email address.

NOTE   Passwords do not expire.