IDaaS lets administrators centrally manage six password policy categories to protect account security: password complexity, initial passwords, periodic password changes, password history, forgotten passwords, and high-risk password detection.
Password complexity
Passwords are one of the weakest links in network security. IDaaS provides five preset complexity templates in Logon > Password Policies to cover common security requirements.
Initial passwords
When accounts are imported from an Identity Provider (IdP), IDaaS cannot retrieve existing user passwords from the IdP. The password initialization feature lets administrators generate and distribute temporary passwords for newly imported accounts.
Periodic password changes
Administrators can set a password expiration period and control what happens when passwords expire.
Password history
Enable password history checking to prevent users from reusing their most recently used passwords when they change their password. Configure how many previous passwords (N) are blocked to reduce security risks from password reuse.
Forgotten passwords
Users who forget their passwords can reset them through IDaaS self-service without contacting an administrator.
High-risk password detection
IDaaS checks new passwords against a database of publicly leaked passwords whenever users change their password. If a match is found, a warning appears on the page recommending that the user choose a different password.