Skip to content
English
  • There are no suggestions because the search field is empty.

Using the Passwords Tab

How to use the Passwords tab

Use the Passwords tab to configure authentication requirements for users who sign in with a username and password rather than through Single Sign-On (SSO). These settings help strengthen account security by enforcing password complexity rules, expiration policies, password history requirements, and login attempt restrictions.

Password policies apply only to users who authenticate directly through FormsPro and do not affect users who sign in through an external identity provider using SSO.

  1. From the Configuration menu, click Security Settings to open the Security page. Click Passwords.
  2. In the Minimum Length field, specify the minimum length for passwords used by non-SSO users. For numeric-only passwords, we recommend a minimum of 6 characters. For alphanumeric passwords, we recommend a minimum of 8 and a maximum of 64 characters. Longer passwords generally provide stronger protection against unauthorized access and password-guessing attacks. 

  3. Select the types of character complexities to enforce. Options include Alpha Characters, Numeric Characters, Special Characters, Uppercase and Lowercase. Enforcing multiple character types increases password strength and helps meet organizational security requirements. 

  4. Toggle Set Days to Expire to enable password expiration. Enter the number of days after which users will be automatically logged out and prompted to change their password. When a password reaches its expiration date, the user is prompted to create a new password before continuing to access the system.

  5. Toggle Enforce Password History to prevent users from reusing previous passwords. Toggle No Repeats to block immediate password reuse. In the Allow Repeats after Count field, specify how many previous passwords should be remembered and restricted

  6. Toggle Set Maximum Attempts to limit the number of invalid login attempts. Specify the maximum number of attempts allowed and the lockout duration (in minutes) if that limit is exceeded.
    Once the maximum attempt threshold is reached, the account is temporarily locked and the user must wait until the lockout period expires before attempting to sign in again. 
  7. Click Save to save your settings. These settings take effect for all users who authenticate through FormsPro using local credentials, helping ensure compliance with your organization's password and security policies.