To enhance account security, Comm100 provides the Password Policy feature which allows you to set up password strength rules that all your Comm100 accounts must conform to. By default, the Password Policy feature is enabled with a set of predefined password rules.
On the Control Panel, you can go to Global Settings > Security > Password Policy to access and configure the password settings.
Comm100 provides password policies covering aspects of password length, complexity, password history and age. To minimize the risk of password attacks, some policies cannot be disabled.
| Password Policy Item | Default Setting | Requirement |
| Password must have at least XX characters | Enabled with value 8 |
|
| Require three of the four types of characters: uppercase, lowercase, numeric and special (e.g., $, &, #, @, etc.) | Enabled | None |
| Prevent use of agent names as passwords | Enabled | CANNOT be disabled |
| Prevent commonly used password phrases, such as 123456, password, and qwerty | Enabled | CANNOT be disabled |
| Password cannot be the same as one of the last XX passwords | Enabled with value 1 | None |
| Password expires in XX days after creation and must be changed before next log-in | Not enabled | None |
| Password can be changed for at most xx times within 24 hours | Not enabled | None |
| Account will be locked after xx failed login attempts | Enabled with value 5 | None |