Understand the Criteria for Password Policies

You can use Simple, Standard, or Custom password policies in Oracle Identity Cloud Service. The default settings for Simple, Standard, or Custom password policies are:

Criteria Simple Standard Custom
Minimum length (characters) 6 8 8
Maximum length (characters) 40 40 40
Password expires after (days) Never 120 120
User account is locked (after consecutive, unsuccessful attempts) 20 5 5
Can use previous passwords Yes No Yes
Alphabetic characters (minimum) 1 0 0
Numeric characters (minimum) 1 1 1
Lowercase characters (minimum) 0 1 1
Uppercase characters (minimum) 0 1 1
Can contain the user's first name Yes No No
Can contain the user's last name Yes No No
Can contain the user's user name Yes No No
Can contain a whitespace character Yes No No

You can't modify the Simple or Standard password policy. You can modify the Custom password policy. See Modify the Custom Password Policy to learn how to tailor the strength of this password policy to meet the business and security requirements for your enterprise applications.