Password policy

You can set various policies for user passwords. These settings are global and affect all IEE user accounts. They are neither role nor workgroup specific. You must enable a Password Policy for the settings to take effect.

Passwords must conform to following format:

  • Password must be different from the login name.

  • Password characters cannot be repeated consecutively.

  • Passwords must contain three of the following character classes:

    • Uppercase alphabetic.

    • Lowercase alphabetic.

    • Number.

    • Punctuation (any character that does not fall into any of the above sets and is not blank, such as *, &, _, and so forth).

      Note: The Itron password policy is not enforced when using Windows Authentication.

      Important! The Password Policy screen will be disabled when Identity Sync is installed. The Identity Sync service in the Cloud Identity portal manages user roles and permissions. For more information, refer to the Identity Sync Service User Guide.

Configuring the Password Policy

  1. Go to System Administration > System Admin > Password Policy.

  2. On the Password Policy Configuration tab, configure the following:

    Enabled. Select Yes or No. You must select Yes for the password policy to take effect.

    ClosedMaximum Age

    Defines the number of days that must pass before IEE prompts users to change their passwords.

    ClosedMinimum Age

    Defines the number of days that a password must exist before users can change it.

    ClosedMinimum Length

    Defines the minimum number of characters that the password must contain.

    ClosedHistory Count

    Defines the number of most recent passwords that IEE stores in its history. A new password cannot repeat a password that remains in this history. For example, if the history count is set to 3, IEE stores the current password and the two previously used passwords. If a user had the password "ttggsRc331" three changes ago, they can reuse it at the next password change. If the password was used two changes ago, it cannot be reuse at the next password change.

    ClosedMaximum Logon Attempts

    Defines the number of times a user can enter incorrect login credentials before IEE locks the user out.

    ClosedPassword Expire Warn Time

    Defines the number of days that must pass before IEE warns of an expiring password. Enter a whole number.

    ClosedLock Out Duration

    Defines the number of minutes that must pass before a locked-out user can log in again.