A Password Policy can be set for users in your Grant Lifecycle Manager (GLM) or Scholarship Lifecycle Manager (SLM) site. The requirements you choose will apply to all users across all roles in the site who set or reset their password going forward.
You can also configure the maximum failed attempts allowed for users to enter their password when logging on without enabling the custom user password policy.
If the Password Policy setting is not enabled, a default password policy is in effect for GLM/SLM sites. The default policy is a minimum of 6 characters that can include letters, numbers, and the following special characters: !@#$%^&*()_
If a custom password policy is enabled, contact Support in order to customize the password instructions for your registration page for new users.
Enable the User Password Policy Setting
- Click the gear icon in the upper-right corner.
- Click the pencil icon next to the User Password Policy setting.
- Make the necessary edits and selections, and then click OK.
- Password Policy Enabled - If checked, the configurations in this setting go into effect.
- Include These Character Types - Character types that a user can include in their password.
-
Expire Days - The number of days after which users are prompted to reset their password.
- The default for this is to never expire, which is the industry recommendation.
- A password expiration should only be used if required by the organization's password security policy.
- Two-Factor Auth Roles - Check the box next to a role to require two factor authentication for users with that role.
-
Max Failed Attempts (Always Enforced) - The maximum failed attempts allowed for users to enter their password when logging on.
- After reaching this limit, the user will be locked out of their account and prompted to reset their password.
- The number entered into this field goes into effect even if Password Policy Enabled is not checked.
If a user tries to set a password that does not meet the requirements, the system will display a message listing the password requirements.