This topic introduces how to set a password policy for the RAM users of your Alibaba Cloud account. You can specify password complexity requirements, including the password length, validity period, and password history check.

Procedure

  1. Log on to the RAM console with an Alibaba Cloud account.
  2. In the left-side navigation pane, click Settings under Identities.
  3. On the Security Settings tab, click Edit Password Rule, and configure the parameters on the page that appears.
    • Password Length: The password must be 8 to 32 characters in length.
      Note To guarantee account security, the password must be at least 8 characters in length.
    • Required Elements in Password: The available elements include lowercase letters, uppercase letters, numbers, and symbols.
      Note The password must contain the selected element or elements. To enhance account security, we recommend that you select at least two of the preceding elements.
    • Password Validity Period: The value range is from 0 to 1095, in days. The default value is 0, which indicates that the password never expires.
      Note The password validity period changes if you reset the password.
    • Action After Password Expires: You can specify whether to allow the RAM users to log on to the RAM console after their passwords expire. You can select either of the following options based on your business needs.
      • Deny Logon: If you select this option, the RAM users can log on to the console only after you reset the passwords by using your Alibaba Cloud account.
      • Allow Logon: If you select this option, the RAM users can change their passwords after the passwords expire. The RAM users can then use the new passwords to log on to the console.
    • Password History Check Policy: You can prevent RAM users from reusing the previous N passwords. The value range is from 0 to 24. The default value is 0, which indicates that the RAM users can reuse previous passwords.
    • Password Retry Constraint Policy: This parameter specifies the maximum number (N) of allowed logon attempts in an hour. The value range is from 0 to 32. The default value is 0, which indicates that the logon attempts are not limited.
      Note The number of logon attempts is reset to zero after you change the password.
  4. Click OK.
    Note The password settings apply to all the RAM users of your Alibaba Cloud account.