Skip to content

Configure password policies

To enforce password security, configure password policies for Sophos Mobile Admin and Sophos Mobile Self Service Portal.


The password policies do not apply to users from an external LDAP directory.

  1. On the menu sidebar, under SETTINGS, click Setup > General, and then click the Password policies tab.
  2. Under Rules, you can define password requirements, like a minimum number of lower-case, upper-case or numerical characters that a password must contain to be valid.
  3. Under Settings, configure the following settings:

    • Password change interval (days): Enter the number of days until a password expires (between 1 and 730), or leave the field empty to disable password expiration.
    • Number of previous passwords which must not be reused: Select a value between 1 and 10, or select --- to disable this restriction.
    • Maximum number of failed login attempts: Select the number of failed login attempts until the account gets locked (between 1 and 10), or select --- to allow an unlimited number of failed login attempts.
  4. Click Save.