This article is intended for talkspirit administrators.

You can define a custom security policy for your organisation.

From the administration > Authentication:

You can define the passwords complexity:

Low complexity
Users are free to define the password they want, with a minimum of 6 characters.

Medium complexity (recommended)
Passwords must be quite strong: not too short, not too simple, no common easy-to-guess passwords.

Strong complexity
Passwords must be very strong: with a upper case, lower case, non alphanumeric character, minimum 8 characters length, no common easy-to-guess passwords…

If you modify the complexity, this won't apply to existing passwords. User will be able to keep their password. They will have to choose a password with the chosen complexity when they will renew it.

You can define how often users will have to renew their password:

When the passwords will be about to expire, users will be invited to renew their password. If they don't do it in time, they will be disconnected.

When they will try to login after that, they will be redirected to a page forcing them to choose a new password.

The previous and new password cannot be the same.

Did this answer your question?