for Google Workspace
for Microsoft 365
Q. I would like to know about the password policy for archive accounts.
A. We adopt the following password policy to prevent users from the brute-force attack or unauthorized use.
[Account Lock]
- When a user inputs a wrong password 6 times, the account will be locked, and that user will be unable to log in for 15 minutes.
"Failed to login. Too many login attempts. Please wait for a while."
* Other users in the same domain can still log in normally (unaffected).
[Password Policy]
- User's passwords are required to fulfill these requirements:
・Minimum password length is 8 characters
・Maximum password length is 40 characters
・Password contains at least one letter(alphabet), one number, and one symbol
・Password is not the same as the username
(Example: login name: hdeuser@test.example.com -> username: hdeuser)
[Password changed by other users]
- When a certain user's password is changed by another user (such as Domain Admin or User Admin), the next time that the user logs in, s/he will be forced to change the password.
Example1)
1. User A (Domain Admin) changes user B (Domain Viewer) password.
2. When user B logs in, user B will be forced to change their password.
Example2)
1. User A (Domain Admin) creates a new user: user C (Domain Viewer).
2. The first time user C logs in, they have to change their password to a new password.
- When another user (such as Domain Admin or User Admin) changes a certain user's password, a login password for the administrator user who is about to reset the password (such as Domain Admin or User Admin) will be required.