password minimum length for PROOF accounts

Hi Stephen,

Yes, the site admin can perform this change and the default is 8 digits. Here are the steps:

1. Go to /admin and login

2. Go to User Management → Password Policy

3. Select the account you need by the checkbox in the left panel of opened tab

4. Click on Load button in the toolbox. As result all 3 text areas will be filled with password rules for given account

5. Password validation regular expression will look like this:

   (?!.*[А-я])(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\p{Punct}])(?=\S+$).{8,}$

6. Replace 8 in the regular expression with the number of desired digits for passwords

7. Update the text areas "Weak password alert" and "Password rules description" so that the warnings display an accurate message according to the rules you selected

8. Click on Save having required account selected

Regards,

Subject7 Team

Thank you, once I make the change; would all existing users' passwords still be valid and active?

Hi Stephen,

You are most welcome. No, this change will not affect the existing users, it will only affect the below:

• creating a new user
• changing password

Regards,

Subject7 Team

Thanks Joseph, one more question; is there a way via PROOF/Admin for me to know if a PROOF account's password has been recently changed? Thanks.

sorry, more questions :) ... does the current implementation of PROOF (8.18.5.1038) allow for these additional account password settings below..

1. Should provide automated assistance for users in selecting strong passwords
2. Passwords must be changed at least every 365 days but no more than once a day
3. Users must be allowed to choose passphrases with spaces and printable characters
4. Passwords can’t match any of the 10 previous versions