---
title: "How to Configure Password Policies Settings"
slug: "how-to-configure-password-policies-settings"
updated: 2024-02-21T14:11:52Z
published: 2024-02-21T14:11:52Z
---

> ## Documentation Index
> Fetch the complete documentation index at: https://documentation.infinite.com/llms.txt
> Use this file to discover all available pages before exploring further.

# How to Configure Password Policies Settings

Abstract

The Password Policy defines the client's password strength and security behavior during authentication. There are a defined group of settings for each client that can be customized to fit security requirements.

Specific Password Policy settings are configured across the Infinite BrassRing Platform as follows.

### Navigation

Abstract

This section describes the configuration of password policies in the Infinite BrassRing Platform.

From the Admin page,

1. Select Security → Password Policies in the navigation menu to launch the Password Policies page shown in the following figure.

The following Password Policy configuration options are available:
  - General Settings
  - Lock Out Settings
  - Connection Settings

**Figure 81. Admin - Password Policies page**

![Admin - Password Policies page](https://cdn.us.document360.io/4bb62c4c-9973-48ec-ab93-23d4b1755503/Images/Documentation/71879bc6-f7a4-49c9-a1b7-eff96a38c1c7.jpg)
2. Select the Edit hyperlink to expand the specific function you wish to configure.

![image13.jpg](https://cdn.us.document360.io/4bb62c4c-9973-48ec-ab93-23d4b1755503/Images/Documentation/dea237e4-bb83-441b-8c71-5ca5dc383643.jpg)

### General Settings Configuration

Abstract

This section describes how to configure the General Settings for Password Policies.

1. Select the **Edit**icon to expand the Edit General Settings configuration section.

**Figure 82. Edit General Settings configuration**

![Edit General Settings configuration](https://cdn.us.document360.io/4bb62c4c-9973-48ec-ab93-23d4b1755503/Images/Documentation/3b41ff2b-de9a-4bf6-bc5b-fa8c82a754a6.jpg)
2. Enter in the appropriate configurations for the following fields:

**Table 26. Edit General Settings fields**

| Field Name | Description |
| --- | --- |
| Complexity | When ON the password must: - Contain at least 8 - 20 characters using at least one special character: ` ! @ $ % ^ & * ( ) - _ = + [ ]; : ' " , < . > / ?" (whereas the minimum password length is 8 [configurable]) - Contain both UPPER CASE (A-Z) and lower case (a-z) alphanumeric characters. - Contain at least one numeric character 0-9 - Must NOT contain the user's username. |
| Expires Every | The number of days a password must be active before changing. 0 = The password can be changed at any time. |
| Length | The length of characters a password must be. > [!NOTE] > Note > > The minimum character length is 8. |
| Remember Last | How many passwords the system will remember. > [!NOTE] > Note > > A user cannot use a previously remembered password. > > 0 = No passwords are remembered. |
3. Select**Save Changes** upon completion to save configuration settings.

### Lock Out Settings Configuration

Abstract

This section describes how to configure the Lock Out Settings for Password Policies.

1. Select the **Edit**icon to expand the Lock Out Settings configuration section.

**Figure 83. Lock Out Settings configuration**

![Lock Out Settings configuration](https://cdn.us.document360.io/4bb62c4c-9973-48ec-ab93-23d4b1755503/Images/Documentation/06c93b19-04e0-407a-a433-397853d6e003.jpg)
2. Enter in the appropriate configurations for the following fields:

**Table 27. Edit Lock Out Settings fields**

| Field Name | Description |
| --- | --- |
| Lock Account After | How many times a login can fail before the account is locked out. 0 = The account is never locked out. |
| Never lock the user ![image453.jpg](https://cdn.us.document360.io/4bb62c4c-9973-48ec-ab93-23d4b1755503/Images/Documentation/2f83cfe4-337a-47ef-b7ce-502c029f7375.jpg) | Gives the option to never lock the user. Select the **Never lock the user** option if you want your users to never experience a locked account. When selected, the**Lock Account After** and **Account Locked For** fields are grayed out (disabled) so that it's obvious these fields are no longer applicable. If unselected, the **Lock Account After** and **Account Locked For** fields become active again. > [!NOTE] > Note > > When Never lock the user is selected, the **Lock Account After** field does not permit the value of **0**. If **0** is entered, the message The Lock Account After field requires a value greater than 0 for the number of attempts. displays. > [!NOTE] > Important > > Be advised that this option will give anyone unlimited attempts to authenticate, which will compromise security and is not recommended. |
| Account Locked for | The length of time an account stays locked before unlocking itself. 0 = The account instantly unlocks. |
3. Select **Save Changes**upon completion to save configuration settings.