Modify the Custom Password Policy

Oracle Identity Cloud Service provides you with a Custom password policy that contains predefined settings. You can tailor the strength of this policy to meet the business and security requirements for your enterprise applications.

See Understand the Criteria for Password Policies for a listing of the predefined settings for the Custom password policy.

You can access the Customizing the Service infographic to see how to customize a password policy in Oracle Identity Cloud Service.

  1. In the Identity Cloud Service console, expand the Navigation Drawer, click Settings, and then click Password Policy.
  2. Select a policy which uses the Custom password policy and go to the Password Rules tab. Alternatively, you can create a new policy and change the Custom password policy on the Password Rules page.
  3. Click Change Your Password Policy.
  4. Click Custom.
  5. To modify the Custom password policy, use the following list:
    Field
        Description

    Password length (min size)
        How many characters the password must contain
        Note: A password must contain at least one character.

    Password length (max size)
        How many characters are allowed for the password
        Note: A password can’t exceed 256 characters.

    Expires after (days)
        How many days until the password expires
        Note: Setting this option to 0 means that the password never expires.

    Account lock threshold
        The number of consecutive, unsuccessful login attempts into Oracle Identity Cloud Service after which the user account is locked
        Note: If you enter 0 in the Account lock threshold field, then the user's account will never be locked.

    Enable auto unlock account
        To enable users to automatically unlock their accounts in Oracle Identity Cloud Service after a configured time.

    Auto unlock account after (minutes)
        The amount of time (in minutes), after which Oracle Identity Cloud Service will unlock an account automatically. You can set a value ranging between 5 minutes and 24 hours.

    Previous passwords remembered
        How many unique new passwords a user must use before an old password can be reused

    Alphabetic (min)
        How many alphabetic characters the password must contain

    Numeric (min)
        How many numeric characters the password must contain

    Special (min)
        How many special characters the password must contain

    Lowercase (min)
        How many lowercase characters the password must contain

    Uppercase (min)
        How many uppercase characters the password must contain

    Unique (min)
        How many unique characters a password must contain. Increasing the number of unique characters in a password can increase password strength by avoiding repetitive sequences that are easily guessed.

    Repeated (max)
        How many repeated characters are allowed for the password. This rule limits the use of repeating characters in a password. This value provides extra security by preventing users from specifying passwords that are easy to guess, such as the same character repeated several times.

    Starts with (Alphabetic character)
        To force the first character of the password to be an alphanumeric character, select this check box.

    Required Characters
        To activate the text field to the right of the check box, select the check box. Any alphanumeric or special characters that you enter into this field, separated by commas, are required characters for the password.

    User attributes (The user's first name)
        To prevent the user's first name from being used as all or part of the password, select this check box.

    User attributes (The user's last name)
        To prevent the user's last name from being used as all or part of the password, select this check box.

    User attributes (The user name)
        To prevent the user's user name from being used as all or part of the password, select this check box.

    Characters not allowed
        To activate the text field to the right of the check box, select the check box. Any alphanumeric or special characters that you enter into this field, separated by commas, are characters that aren't allowed for the password.

    Whitespace Character
        To prevent whitespace characters from being used as part of the password, select this check box. A whitespace character is a character that represents horizontal space in Oracle Identity Cloud Service. For example, for the display name of John Smith, the space between the first name of John and the last name of Smith is a whitespace character.

    Restricted Words
        If you select this check box, then you can screen all passwords against the following words:

        Password,Qwerty,BaseBall,Dragon,Monkey,LetMeIn,Abc,Mustang,Access,Shadow,Master,Michael,Superman,BatMan,Trustno,Welcome,Fusion,Oracle,Orcl,ILoveYou,Paas,Admin,Administrator,Cloud,Princess,Azerty,Guest

        Oracle Identity Cloud Service will reject any passwords that match the words in the list.

  6. Click Save.
  7. In the Save Password Policy dialog box, to force all users in your identity domain to set a new password upon their next login, select the Force all users to set a new password on their next login. check box.

    Otherwise, don't select the Force all users to set a new password on their next login. check box. The password policy applies to users only when they are created or when they reset their passwords.

  8. Click OK.

    Tip:

    To reinstate the previously saved password policy, click Cancel. If you click Cancel, then all your changes will be lost.
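
The limits and zero-value meanings from the field list in step 5, checked against a proposed set of values before they are entered in the console. This is an added example, not Oracle code: the dictionary keys are hypothetical names for the console fields, and the cross-field check assumes that lowercase and uppercase characters count toward the alphabetic minimum.

```python
# Added example. The dictionary keys are hypothetical names for the console
# fields; they are not Oracle Identity Cloud Service API attribute names.

def review_policy(p):
    """Return (errors, warnings) for a proposed Custom password policy."""
    errors, warnings = [], []
    lo, hi = p["min_length"], p["max_length"]

    # Limits stated in the field descriptions.
    if lo < 1:
        errors.append("min_length: a password must contain at least one character")
    if hi > 256:
        errors.append("max_length: a password can't exceed 256 characters")
    if lo > hi:
        errors.append("min_length is greater than max_length")
    if p["auto_unlock"] and not 5 <= p["auto_unlock_minutes"] <= 24 * 60:
        errors.append("auto_unlock_minutes: allowed range is 5 minutes to 24 hours")

    # A value of 0 switches these controls off.
    if p["expires_after_days"] == 0:
        warnings.append("expires_after_days=0: passwords never expire")
    if p["lock_threshold"] == 0:
        warnings.append("lock_threshold=0: accounts are never locked")

    # Assumption: lowercase and uppercase characters also count as alphabetic,
    # so the alphabetic demand is the larger of the two figures.
    alpha = max(p["alphabetic_min"], p["lowercase_min"] + p["uppercase_min"])
    needed = alpha + p["numeric_min"] + p["special_min"]
    effective = max(needed, p["unique_min"])
    if effective > hi:
        errors.append(f"rules need {effective} characters, max_length is {hi}")
    elif effective > lo:
        warnings.append(f"effective minimum length is {effective}, not {lo}")
    return errors, warnings

# Constructed sample values, not Oracle defaults.
PROPOSED = {
    "min_length": 8, "max_length": 12, "expires_after_days": 0,
    "lock_threshold": 0, "auto_unlock": True, "auto_unlock_minutes": 2,
    "alphabetic_min": 4, "lowercase_min": 3, "uppercase_min": 3,
    "numeric_min": 4, "special_min": 4, "unique_min": 6,
}

if __name__ == "__main__":
    errors, warnings = review_policy(PROPOSED)
    for line in errors:
        print("ERROR  ", line)
    for line in warnings:
        print("WARNING", line)
```

Errors are combinations that no password can satisfy or that fall outside the stated limits; warnings are accepted values whose effect is to switch a control off or to raise the real minimum length above the configured one.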