Configure password policies

To enforce password security, configure password policies for users of the Sophos Mobile Control console and the Self Service Portal.

Note: The password policies do not apply to users from an external LDAP directory. For information on external user management, see the Sophos Mobile Control super administrator guide.
  1. On the menu sidebar, under SETTINGS, click Setup > General, and then click the Password policies tab.
  2. Under Rules, you can define password requirements, like a minimum number of lower-case, upper-case or numerical characters that a password must contain to be valid.
  3. Under Settings, configure the following settings:
    1. Password change interval (days): Enter the number of days until a password expires (between 1 and 730), or leave the field empty to disable password expiration.
    2. Number of previous passwords which must not be reused: Select a value between 1 and 10, or select --- to disable this restriction.
    3. Maximum number of failed login attempts: Select the number of failed login attempts until the account gets locked (between 1 and 10), or select --- to allow an unlimited number of failed login attempts.
  4. Click Save.