Password Policies › Create a Password Policy › Enable Additional Password Policies

Enable Additional Password Policies

CA Identity Manager lets you create basic password policies that manage user passwords by enforcing password expiration, composition, and usage. You can also define these additional password rules and restrictions:

• Password expiration:
  • Track failed logins or successful logins.
  • Authenticate a login.
  • Password expiration if not changed
  • Password inactivity
  • Incorrect password
  • Multiple regular expressions
• Password restrictions:
  • Minimum days before reuse
  • Minimum number of passwords before reuse
  • Percent different from last password
  • Ignore sequence when checking for differences.

Follow these steps:

1. Go to Directories, <name of the directory>, User in the Management Console.
2. Verify that the %PASSWORD DATA% and %ENABLED STATES% -> 'STATE' are mapped to physical attributes.
3. These attributes are mapped by default in the sample directory.xml files. If these attributes are not mapped, see the CA Identity Manager Configuration Guide for additional information.