Password update settings

You can give people the ability to change or securely reset their passwords and define the strength of each password.

Fastpath: Admin Console: People > Settings > Password Reset

Fastpath: Admin Console: System > Settings > Password Control

For the detailed procedure of configuring password update settings for users, see Configuring password update settings.

Note: The settings discussed in this section do not affect users who use federated or SSO login.

Self-service password resets

When password reset is enabled, users can change their passwords with the help of password strength tips and a strength meter. They can access the functionality or the option under the avatar in the user interface:

By using the link on the Login page: The user provides the required information about themselves and receives an email with instructions on password change.
By selecting Change Password under their avatar on the user interface.

This feature does not affect the ability of community administrators to update passwords for users. For more information, see Manual password reset.

Password strength

You can require each user password to meet certain criteria to make passwords more secure. You can use one of the existing policies or define a custom policy.

Password strength policy sets the following requirements for each password:

The minimum and maximum passwords length.
The number of Latin uppercase [A-Z] and lowercase [a-z] letters.
The number of digits [0-9].
The number of special symbols, such as @, %, or *.

Password reuse

This setting allows specifing the reuse policy by defining the number of unique passwords before a user can reuse an old password. Note that this policy affects only self-service password resets and does not apply to password updates performed by community administrators.