Setting a Password Policy

password policy

A password policy represents the rules that are used to create a password—the letters, letter cases, length, and any special characters that are required. Some institutions require only lower case characters while others will demand that an upper case character, number, and special character be used, as well as a specified minimum length. In general, it is a good idea to use the longest allowable length and the largest permitted mix of characters. Please verify the exact password requirements with the entities that require them.

The Password Policy dialog allows users to set the choice as a global password generation policy. This policy can be overridden temporarily and passwords manually edited at any time in the Edit/View Entry dialog.

Selecting Password Rules

Each item checked in the dialog forces Password Safe to include the specified characters in the passwords it generates. Each password will also be generated to the specified length (no shorter, no longer). The only exception to this is the Use hexadecimal digits only check box. When checked, passwords will include those characters that represent hexadecimal digits only. In order to enable this choice, all other check boxes must be cleared.

Save password history by default

When you change an entry's password, Password Safe can record the previous passwords associated with the entry. This can be useful, for example, if the change failed to take effect at the site associated with this entry. This option specifes if recent passwords are stored by default for new entries. You can always override this for a given entry in the Add Entry or Edit/View Entry dialog boxes.