You can modify an existing password policy to suit your company's requirements.

Note: Password policies should be kept synchronized across all PingDirectory Server and Directory Proxy Server instances.
  • Use dsconfigdsconfig in non-interactive mode: (in interactive or non-interactive mode) or the Administrative Console to modify the configuration for any defined password policy. The following example sets some of the properties presented in the previous section for the default password policy using
    $ bin/dsconfig set-password-policy-prop \ 
      --policy-name "Default Password Policy" \ 
      --set "max-password-age:90 days" \ 
      --set "password-expiration-warning-interval:14 days" \ 
      --set "lockout-failure-count:3" \
      --set "password-history-count:6"