Configure the password policy
Use the Password Policy page to configure your user-password policy to meet your organization’s security requirements.
Field descriptions
NOTE These settings apply only to passwords managed by Calabrio ONE. Passwords handled by an external identity provider (IdP) via single sign-on adhere to that IdP’s unique password policy
| Field | Description |
|---|---|
|
Minimum password length |
The minimum number of characters a user’s password must be for your organization. The Calabrio ONE minimum password length is eight characters. Default value = 8. |
|
Prevent reuse of the last ___ passwords |
Select this check box to prevent users from setting a password that matches any of a specified number of previous passwords. Default value = 5 |
|
Require new password after ___ days |
Select this check box to require users to set a new password after a specified number of days. You are notified upon login if your password is set to expire within seven days. If your password expires, you must set a new password the next time you log in. Default value = 90. NOTE If you shorten the expiration period, you can cause existing passwords to expire. For example, if you shorten the expiration period from 90 days to 60 days, passwords that are older than the new 60-day limit will become expired. |
|
Lock user account after ___ failed login attempts |
Select this check box to lock a user’s account after a specified number of failed login attempts. If a user’s account becomes locked, that user will be unable to log in until they reset their password, or an administrator unlocks the account or resets the password. Default value = 5. A user with the Administer Password Policy permission can unlock an account from the Users page (see Manage users). NOTE If a user’s account is locked, login will be disabled through both Calabrio ONE and single sign-on. However, an account only becomes locked following failed Calabrio ONE login attempts. Failed single sign-on login attempts are handled by the IdP. NOTE This option is enabled by default for new customers starting with Version 10.0 Update 2017.9. Customers who configured their password policy before the release of Version 10.0 Update 2017.9 will maintain those settings. |
Some additional password complexity requirements are not configurable. These requirements are described below.
Password complexity requirements
Password complexity requirements are based on Microsoft’s password policy: https://technet.microsoft.com/en-us/library/hh994562.aspx.
The following rules apply when you create or edit a user, or when you change or reset a password.
- Passwords cannot contain any white spaces (blanks).
- Passwords must be at least eight characters long. Minimum length can be configured by an administrator.
-
Passwords must contain characters from three of the following four categories:
Category Description Uppercase letters
A–Z
Uppercase unicode characters: http://www.fileformat.info/info/unicode/category/Lu/list.htmLowercase letters
a–z
Lowercase unicode characters: http://www.fileformat.info/info/unicode/category/Lu/list.htmNumbers
0–9
Special characters
The following characters are allowed for a tenant database password: ! # $ % & ( ) , . / : ; = ? @ ^ ` |The following characters are allowed for all other passwords:
! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ ] ^ _ ` { | } ~
These rules apply only where you configure a password that is controlled by Calabrio ONE. If a user enters a password for an external system that is not controlled by Calabrio ONE, Calabrio ONE will not validate the password (for example, ACD configuration).
NOTE A user can be created without a password (manually or automatically via ACD sync). A user without a password cannot log in. That user must use the “Forgot Password” link and set up a password.