This page will explain how to set a password policy for the users of your Kiuwan Account. 



Passwords Policy

Go to Account Management > Password policies to set a password policy for your account. 

There is a default policy (8 characters, 2 numbers), but this policy can also be customized. 

Password strength

You can configure the strength (complexity) of the passwords by specifying:

  • a minimum length for passwords

  • how many uppercases, lowercases, digits, and special characters should contain the password

Password History

Enforcing the Password History policy will set how often an old password can be reused. You can define the number of previous passwords remembered. This policy discourages users from reusing a previous password, thus preventing them from alternating between several common passwords.

Password expiration (days)

Kiuwan allows applying this policy to determine how long users can keep a password before they are required to change it, thus forcing users to periodically change it. Once the password expiration date is reached, the user will be redirected to a “change your password” page. 

Login attempts

Setting the maximum number of allowed login attempts provides protection against “brute-force” or dictionary-based attempts to guess passwords. Kiuwan allows specifying a maximum number of consecutive login attempts allowed, after which the user is automatically locked. Only the Kiuwan owner (or a Kiuwan user with Users Management privilege) can enable again the locked username.