JumpCloud’s password complexity settings give administrators the option to control the level of complexity of the passwords users create for their JumpCloud accounts. The user account password governs access to not only the JumpCloud user account, but also to all resources the account has access to, such as computers and SSO applications. You can create and enforce the use of strong passwords across your organization to help protect your org and its users from hackers and security breaches.
If you integrate Office 365 with JumpCloud, we recommend that you consider Office 365's complexity settings for account passwords as you set complexity settings for JumpCloud account passwords. Specifically, consider that Office 365 requires password lengths between 8 and 16 characters. If your users attempt to create passwords with more than 16 characters, there may be issues replicating that password in Office 365. Consult Microsoft's documentation for all of Office 365's account password complexity requirements.
- Log in to the JumpCloud Admin Portal: https://console.jumpcloud.com/.
- Go to Settings, then click the Security tab.
- Select options from the Complexity section.
- Click save changes.
- Set the minimum number of characters required.
- Maximum Length: Currently, password length can't be limited to a certain number of characters.
- Users will receive one email a day for 7 days leading up to expiration requesting a password reset.
- If a password expires, users are locked out of all endpoints, including email. Admin assistance is required to restore the account. See Unlock User Accounts.
- Set the number of times a user may have failed login attempts before locking the account from access. Account lockout is triggered from and will lock the user out of:
- User Console
- System endpoints
- Lockout will not affect G Suite or Office 365 to accommodate self-service password reset via email.
- After a user account is locked due to failed login attempts, admin assistance is required to restore the account. See Unlock User Accounts.
When you change the complexity requirements, a confirmation window, Apply New Password Requirements appears before you commit changes.
- Specify the date and time users will be required to change their password and meet the new complexity requirements. If the user does not reset their password by this time, the user will be locked out until a password reset is performed.
- - Users will not be required to change their password and meet the new password complexity requirements until the next password change.