The Password Policy page allows you to configure policies that users must follow while creating or resetting passwords to access their ZIdentity Landing page.

To configure the password policy:

1. Go to Policy > Password.
2. Set the Configuration Type to Default or Custom. Zscaler recommends enabling Default. If you select Custom, you need to configure the following fields:
   • Password Length: Set the minimum length of the password.
   • Minimum No. of Lowercase Letters: Set the minimum number of lowercase letters required in the password.
   • Minimum No. of Uppercase Letters: Set the minimum number of uppercase letters required in the password.
   • Minimum No. of Numeric Characters: Set the minimum number of numeric characters required in the password.
   • Minimum No. of Special Characters: Set the minimum number of special characters required in the password.
   • Password must not include company name, username, first name, or last name: Turn on to restrict the user from including their company name, username, first name, or last name in the password.
   • Reject reuse of last 5 passwords: Turn on to restrict users from reusing their last 5 passwords. Passwords that are changed after a 24-hour gap fall under this criterion. Any password changes that occur within 24 hours are disregarded by the ZIdentity service. For example, if you reset your password 3 times (the second reset being after 24 hours of the first reset, and the third reset being within 24 hours of the second reset), the second password change is disregarded and can be used again as a new password.
   • Deactivate user after 10 unsuccessful attempts: Turn on to deactivate the user account after 10 unsuccessful login attempts.
   • Allow administrator to create or change user's password: Turn on to allow the administrator to create or change user's password.
   • Enforce password change after the initial login: Turn on to prompt users to change their password after the initial login.
   • Password expiration period (in days): Set the password expiration period after which users can reset their passwords. You can set the expiration period from 15 to 365 days.

See image.

3. Click Save.