Setting password policy

An Identity Provider (IdP) stores and manages users' digital identities. An IdP may check user identities via username-password combinations and other factors, or it may simply provide a list of user identities that another service provider (like an SSO) checks. An IdP can authenticate any entity connected to a network or a system, including computers and other devices. Lighthouse Administrators can set Password Policies to ensure that users set secure passwords.

To set a password policy:

  1. Select SETTINGS > USER MANAGEMENT > Login Restrictions,

  2. Choose Enabled, and

  3. Click Save. Click Password Policy.
    Image of the Lighthouse UI showing how to set up password policy

Choose one or more options from the following:

  • Minimum password length – from 1 to 128

  • Require at least one capital letter

  • Require at least one number

  • Require at least one symbol

  • Disallow username in password

  • Prevent password reuse – choose a number of days or select Always

  • Set password expiry – select a number of days until passwords expire. At next login, the user will need to reset the password.