Password Policy

Password policies enable administrators to enforce password requirements at both the branding and authentication provider levels. JFramework includes a default policy designed to enforce strong password usage, ensuring better protection for your brand's assets. Administrators can create custom policies that are either less or more restrictive, tailoring them to meet specific needs, and apply these policies to users.

JFramework offers 3 levels of security to match

At each level, new passwords must meet the following criteria:

• Low:

  • Minimum of 6 characters.

  • Up to 10 failed attempts allowed before account lockout.

  • Must differ from the associated email address.

• Medium:

  • Minimum of 6 characters.

  • Must include at least one number.

  • Must include both uppercase and lowercase letters.

  • Up to 10 failed attempts allowed before account lockout.

  • Must differ from the associated email address.

• High:

  • Minimum of 8 characters.

  • Must include at least one number and one non-alphanumeric character.

  • Must include both uppercase and lowercase letters.

  • Up to 10 failed attempts allowed before account lockout.

  • Must differ from the associated email address.