All policy types allow you to set the following password rules:
- Minimum Length: Enter the minimum number of characters a password must contain. For example, if you enter 4, the password must contain at least four characters. This field accepts values from 0 to 999 for custom passwords.
- Warn After (days): Enter the number of days before a user is notified that a password will expire. For example, suppose you enter 20 in this field and 30 in the Expires After (days) field. If a user creates a password on November 1, the user will be notified on November 21 (20 days later) that the password will expire on December 1 (30 days later). This field accepts values from 0 to 999.
- Expires After (days): Enter the number of days before a password will expire. For example, if you enter 30 and a user creates a password on November 1, then the password will expire on December 1 (30 days later). This field accepts values from 0 to 999.
- Disallow Past Passwords: Enter the number of old passwords that cannot be reused. This policy ensures that users do not change back and forth among a set of common passwords. For example, if you enter 10, a user cannot reuse any of the last ten passwords. This field accepts values from 0 to 24.
- Minimum Password Age: Enter the minimum number in days for which users must use a password. For example, if you enter 2, a user cannot change the password within two days of creating the password. The value of this field must be less than the value of the Expires After (days) field. For example, if you enter 30 in the Expires After (days) field and 31 in this field, an error occurs.
- Policy Type: The policy type for the password policy: Complex or Custom. A Complex password policy uses a standard set of password rules, as described in About Policy Types. A Custom password policy uses a custom set of password rules, as described in Custom Policy Rules.