Password

This section allows you to define password requirements for the user accounts.

Note

Zammad does not allow you to change your LDAP password. Instead, it will set a password in its local database.

Warning

Exception for admins

Please note that the password policies below do not affect administrators setting passwords on user accounts. While this seems strange and not safe, we believe that an administrator knowing a user’s password is insecure as well. The suggested workflow is to use one of the following suggestions:

• Use third-party logins to not require local passwords at all

• Require your users to reset their password upon first login

This way administrators are not required to set a user’s password at all!

Maximum Failed Logins

You can choose a value between 4 and 20. This defines how often a login to a user account may fail until Zammad will lock it. Your users can always use the Forgot password? function to change their password and unlock their account.

Default: 10

Note

Beside changing the user’s password, you can also unlock accounts via

• User management

• Console (system documentation)

• API (system documentation)

Hint

Failed logins via LDAP no longer lock accounts.

2 Lower Case And 2 Upper Case Characters

You can add complexity to passwords by enforcing at least 2 upper and lower case characters.

Default: no

Minimum Length

This defines the minimum password length required for users to provide (from 4 to 20).

Default: 6

Digit Required

This enforces your users to use at least one digit within the password.

Default: yes

Special Character Required

This setting allows you to improve your password quality even more by enforcing the password to contain at least one special character.

Default: no