JumpCloud offers the ability for the administrator to control the level of complexity of the passwords users must create for themselves. These settings will govern the user account and all resources the account has access to, ranging from the JumpCloud user portal to their desktop access. Password Complexity Management enables you to create and enforce the use of strong passwords in order to better protect your organization. Password Complexity Builder replaces the previous Windows and PCI User Passwords functionality as of April 30, 2015. For more details regarding PCI compliant password settings, see requirement 8 in the PCI DSS v3.2 document.
- Set the minimum number of characters required.
- Maximum Length: Cannot be limited or capped at this time.
- Users will receive one email a day for 7 days leading up to expiration requesting a password reset
- If a password expires, users are locked out of all endpoints, including email. Admin assistance is required to restore the account
- Set the number of times a user may have failed login attempts before locking the account from access. Account lockout is triggered from and will lock the user out of:
- User Console
- System endpoints
- Lockout will not affect G Suite or Office 365 to accommodate self-service password reset via email.
When changing the complexity requirements, a confirmation window "Apply New Password Requirements" will be displayed before committing changes.
- Specify the date and time users will be required to change their password and meet the new complexity requirements. If the user does not reset their password by this time, the user will be locked out until a password reset is performed.
- - Users will not be required to change their password and meet the new password complexity requirements until the next password change.