You can create up to ten password policies in your identity domain, assign relative priorities to them, and attach them to groups. A group cannot be assigned to more than one password policy.
Note:Group-based password policies must be enabled by Oracle. To enable group-based password policies, file a Service Request with My Oracle Support. If you don't file a Service Request, then you won't be able to use group-based password policies.
To set the password policy for your identity domain, you must be assigned to either the identity domain administrator role or the security administrator role. See Add or Remove a User Account from an Administrator Role.
- In the Identity Cloud Service console, expand the Navigation Drawer, click Settings, and then click Password Policy.
- Click Add.
- Enter a name and optionally a description. Choose the priority and click Next.
The priority can be any integer between 1 and 10, where 1 is highest priority and 10 is lowest. If there is already a password policy with the priority you choose, that policy moves to the next priority number. For example, if there is a password policy with a priority of 2 and another with a priority of 3, and you create a new policy with a priority of 2, the other policies will have priorities of 3 and 4.
- Click the button that represents the type of policy that you want to set for your identity domain (Simple, Standard, or Custom). Click Next.
- Attach one or more groups to the password policy. Each group can only have one policy assigned to it. Click Add and select the group, then click OK.
If a user has only one group assigned to them, then the password policy attached to that group is the password policy assigned to the user.
If a user has more than one group assigned to them, then the password policy with the highest priority is the password policy assigned to the user.
- Click Finish.
- In the Save Password Policy dialog box, select the Force all users to set a new password on their next login. check box.
Do this to ensure that their passwords meet the criteria for the policy before the users can use Oracle Identity Cloud Service.
Otherwise, don't select the Force all users to set a new password on their next login. check box. The password policy applies to users only when they are created or when they reset their passwords.
- Complete one of the following actions:
- To save the updated password policy, click OK.
- To reinstate the previously saved password policy, click Cancel.