Set Password Policies

About this task

Note: Password policies only apply to SOTI accounts and will not affect directory or third-party IdP users.

To set access and password complexity requirements:


  1. In the SOTI Identity Admin Console, open the main menu , and then click Account Settings.
  2. In the left side pane of the Account Settings window, select Authentication Factors > User Password .
  3. In the Lock Account after Login Failed Every field, specify how many times a SOTI Identity can attempt and fail to log in before they are locked out of their account.
    You can specify any value from 0 to 100 times. If a user is locked out of their account, they can reset their own password or an account administrator can unlock it for them.
  4. Turn on Enable Password Expiry and then set how long, in days, before a password expires.
    1. Optional: You can set SOTI Identity to automatically remind users of their impending password expiry. Turn on the Enable Email Reminder toggle and enter a value in Send Email Before for the number of days prior to password expiry that you want the email sent out.
      Users will also receive an email the day before their password expires.
  5. Specify password complexity policies that SOTI Identity users must meet when creating their passwords.
    Note: Password policies changes only apply to new users or when an existing user changes their password. Current users are not prompted to update their existing passwords to meet complexity requirements.
    Minimum characters length Enter the minimum number of characters a password must contain. Enter a number from 3 to 51.
    At least one digit Enable to force users to include at least one number in their password.
    At least one upper case letter Enable to force users to include at least one uppercase letter in their password.
    At least one lower case letter Enable to force users to include at least one lowercase letter in their password.
    At least one special character (@,#,$,*,&) Enable to force users to include at least one special character in their password.
  6. Click Save to set the new password policies.


New users must comply with these password policies. Existing users may continue to use their current passwords, even if they do not meet the requirements.