Password ======== This section allows you to define password requirements for the user accounts. .. note:: Zammad does **not** allow you to change your LDAP password. Instead, it will set a password in its local database. .. warning:: **Exception for admins** Please note that the password policies below do not affect administrators setting passwords on user accounts. While this seems strange and not safe, we believe that an administrator knowing a user's password is insecure as well. The suggested workflow is to use one of the following suggestions: - Use third-party logins to not require local passwords at all - Require your users to reset their password upon first login This way administrators are not required to set a user's password at all! Maximum Failed Logins --------------------- You can choose a value between ``4`` and ``20``. This defines how often a login to a user account may fail until Zammad will lock it. Your users can always use the **Forgot password?** function to change their password and unlock their account. Default: ``10`` .. note:: Beside changing the user's password, you can also unlock accounts via - :ref:`User management ` - :docs:`Console (system documentation) ` - :docs:`API (system documentation) ` .. hint:: Failed logins via LDAP no longer lock accounts. 2 Lower Case And 2 Upper Case Characters ---------------------------------------- You can add complexity to passwords by enforcing at least 2 upper and lower case characters. Default: ``no`` Minimum Length -------------- This defines the minimum password length required for users to provide (from ``4`` to ``20``). Default: ``6`` Digit Required -------------- This enforces your users to use at least one digit within the password. Default: ``yes`` Special Character Required -------------------------- This setting allows you to improve your password quality even more by enforcing the password to contain at least one special character. Default: ``no``