Scenarios: Complex password policy rules

A password policy defines the password rules used to determine whether a new password is valid. The password rules displayed in the Identity Service Center user interface takes the following flow.

• When a user selects an account, the password policy rules for that account are displayed.

• If user selects multiple accounts, Identity Service Center combines policies for the accounts that user selected and displays the password rules in cumulative format.

• If the password policy associated with an account that user selected contains the complex password rules selected, then the password requirements also contain the rules that are associated with the complex password rules. Complex password policy rules contain four categories out of which three categories must be satisfied for a valid password. Following are the four categories for the complex password policy.
  • Uppercase letter [A-Z]
  • Lowercase letter [a-z]
  • Number [0-9]
  • Nonalphanumeric characters: ~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/

• The cumulative list of password rules is displayed in the Password Requirements section of the Identity Service Center user interface.

There might be password rule conflicts. The first password policy associated with an account sets the maximum length to 2 characters. Another password policy associated with the selected account enables the password complexity rule. In this scenario, a valid password cannot be created that satisfies both the conditions. That means to create the valid password, the first policy requires maximum 2 characters and another policy with the complex password rule requires minimum 3 characters.

Parent topic: Identity Service Center scenarios