PingDirectory

Creating a new password policy

Steps

  • To create a new password policy:

    Choose from:

    • Run dsconfig in interactive or non-interactive mode.

    • Use the administrative console.

    Example:

    This example demonstrates creating a new policy using dsconfig in non-interactive mode.

    $ bin/dsconfig create-password-policy \
  --policy-name "Demo Password Policy" \
  --set "password-attribute:userpassword" \
  --set "default-password-storage-scheme:Salted SHA-256" \
  --set "force-change-on-add:true" \
  --set "force-change-on-reset:true" \
  --set "password-expiration-warning-interval:2 weeks" \
  --set "max-password-age:90 days" \
  --set "lockout-duration:24 hours" \
  --set "lockout-failure-count:3" \
  --set "password-change-requires-current-password:true"