The Horizzon password policy can be used to create a more secure Horizzon for your organization.

A changed password policy is enforced when passwords are changed. Users will need to be forced to change their password in order to comply with a new policy. Users can change their password by clicking the Forgot password on the Horizzon sign-in page.

Configuring the password policy should only be done by application administrators who are familiar with installing and configuring software and databases.


Required roles

System Administrator

Steps:

  1. In the sidebar menu, click Settings > General.

  2. On the general settings page, in Username length, set the required Minimum length for the username. Initial value is set to 0.

    In Password length, set the required Minimum length and Maximum length for the password. Initial values are set to 8 and 150.



  3. In Password complexity, specify the required complexity of the password.



    Minimum uppercase, lowercase, digits, special characters: For each character type, determine the minimum number that should be in the password, and set the minimum required number of character types that should be in the password. Initial values are set to 1, 1, 0, 0.

    Character combination: Set the required combination of character types that must be used in a password. Initial value is set to "At least three types".

  4. In Password expiration, you can activate password expiration for users. The date on which a user has last changed their password will serve as reference for the next time the user will be forced to change their password when signing in to Horizzon. For example, if the expiration period is set to 50 days, the user will need to change their password 50 days after they have last changed their password. In case that day has long passed when the expiration period is set, the user will immediately need to change their password the next time they sign in.



    Activate password expiration by selecting the option User passwords must be changed regularly.

    In Days before passwords expire, set the number of days a user can keep using the same password. Initial value is set to 365. Minimum allowed value is 1.

  5. Click Apply to save the changes.