Knowledge Base

Manage Your Password Policy

  • Updated

Admin-Super.png

Super Admins can enable/disable and configure a password policy for their site. Enabling a password policy forces all users to adhere to the site's established 'character' and 'length' requirements when they create and update their account passwords.

Your password policy should require that passwords be complex enough to:

  • protect the privacy of your users and
  • prevent unauthorized access.

To manage your password policy:

  1. In the Admin Toolbar, click Admin.

Toolbar-Admin.png

  1. Navigate to Settings > Security > Password Policy.

Manage your password policy

On the Password Policy page, you can:

  1. Enable/disable your Password Policy.
  2. If enabled, configure the password requirements that all users must adhere to when creating/updating their account passwords. You can define:
  1. The minimum/maximum length your users' passwords must be.
  2. The characters that must be included (you can even dictate the number of each character a password must contain). Requiring a high minimum password length (e.g., 10 or more) and one or two of the Required Characters is a great way to ensure your members' passwords are complex enough to prevent unauthorized access. Remember, while complexity is important, password length is crucial to prevent brute-force cracking).

Test your password policy

After you save your password policy, test it to make sure it works.

TIP: Test a variety of passwords — and be sure to include some that you know should fail.

  1. Specify a password that you believe adheres to your Password Policy and click Submit.
  2. Specify a password that you believe does not adhere to your Password Policy and click Submit.
    • A green border and check mark means the password meets the requirements.
    • A red border and message indicates the password failed the test.

NOTE: You can change the values in the upper part of the page, but remember to click Save before testing them.

Re-using passwords

NOTE: This information is relevant to "standalone" sites only.

  • Users cannot re-use any of their last 5 passwords.

This Higher Logic policy supports our ongoing measures to safeguard your site.

Was this article helpful?
1 out of 3 found this helpful
Return to top

Can’t find what you’re looking for?

Create a Case Call US Support