Manage Password Restrictions

Use this operation to add or remove banned passwords from the unsanctioned password list.

Role Requirements

Procedure Scope: Administrators

Required Group Membership: Admin.Security

Handbook Reference

Package: Identity Security

Domain: TBD

Modifies: TBD

When to Perform this Operation

As Needed: Proactive or in Response to User/Security

Technical Description and Importance

Managing unsanctioned passwords helps maintain strong password hygiene across the organization by preventing the use of common, weak, or compromised passwords. This proactive measure reduces the risk of credential-based attacks, including brute force and credential stuffing, by ensuring users cannot set easily guessable passwords. Regularly updating the banned password list ensures alignment with evolving threat landscapes and potential compliance needs for secure password policies. These efforts support a robust security posture while enabling smooth and secure user operations.

Management Options

Add a Banned Password:

Purpose
Add a password to the unsanctioned list to block its usage.
Use Case
A commonly used weak password (e.g., "password123") is detected and must be added to the banned list to prevent its use by users.

Remove a Banned Password:

Purpose
Remove a password from the unsanctioned list to permit its usage.
Use Case
A previously banned password is no longer considered a threat due to updated organizational policies or reduced relevance and needs to be removed from the banned list.

Operation | Action | Target
Add a Banned Password | Addition | Unsanctioned Passwords
Remove a Banned Password | Removal | Unsanctioned Passwords

Add a Banned Password

This operation adds a password to the unsanctioned list to block its usage.

1. Entra ID Banned Password Addition

Remove a Banned Password

This operation removes a password from the unsanctioned list to permit its usage.

1. Entra ID Banned Password Removal

Need Assistance?

Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.