Password Management Policies¶
The Password Management Policies plugin allows helpdesk Administrators to enforce custom requirements for Agents’ and Users’ passwords in the helpdesk.
Once installed and enabled, Administrators can configure Password Management Policies by going to:
Admin Panel | Manage | Plugins | Password Management Policies
The following configurations can be set for passwords:
- Minimum length
- Character classes required
- Password strength
- Enforce on login
- Password reuse
- Password expiration
Passwords must have at least the amount of characters specified here.
Character classes required¶
The different classes referenced here are uppercase characters, lowercase characters, numbers, and special characters (Ex: @,#,$,>,etc.).
Depending on the option you choose here, (2, 3, or 4), passwords must contain characters in at least that many classes.
Password with two classes:
Password with three classes:
Password with four classes:
For password strength, you can choose to accept any strength, or you can choose to specify that passwords must have a strength that is at least weak, good, strong, or awesome.
The strength of a password depends on characters used, the case of characters used i.e. uppercase or lowercase, and the length of the password.
The easiest way to increase password strength is to use different classes for the characters in a passsword. The less classes used, the more the length of the password would need to be
to meet the strength requirement. You can read more about password strength here.
Enforce on login¶
If you choose to enforce the password policy on login, Agents and Users will be prompted to update their password to meet the requirements of the policy before using the helpdesk.
By default, the password policy plugin is configured to force Agents/Users to create new passwords when resetting them, however, an Administrator can check this box to allow the same password to be used multiple times.
This gives Administrators the option to choose how often Agents/Users should be required to change their password. By default, this option is set to where passwords never expire.
Setting the Password Policy¶
Once the password policy has been configured, the Administrator can choose the policy for Agents and/or Users.
To use the password policy for Agents, go to:
Admin Panel | Settings | Agents | Password Policy | Password Management Plugin
To use the password policy for Users, go to:
Admin Panel | Settings | Users | Password Policy | Password Management Plugin
Note: ‘Default Basic Policy’ refers to the legacy policy that was put in place prior to the current version of osTicket. The previous policy allowed Administrators to set the
password expiration for Agents. If none was set up previously, passwords in the current help desk will never expire.