for Google Workspace
for Microsoft 365

Q.　I would like to know about the password policy for archive accounts.

A.　We adopt the following password policy to prevent users from the brute-force attack or unauthorized use.

[Account Lock]

-  When a user inputs a wrong password 6 times, the account will be locked, and that user will be unable to log in for 15 minutes.

 

"Failed to login. Too many login attempts. Please wait for a while."

* Other users in the same domain can still log in normally (unaffected). 

[Password Policy]

- User's passwords are required to fulfill these requirements:

・Minimum password length is 8 characters
・Maximum password length is 40 characters  
・Password contains at least one letter(alphabet), one number, and one symbol
・Password is not the same as the username
  (Example: login name: hdeuser@test.example.com -> username: hdeuser)

 [Password changed by other users]

- When a certain user's password is changed by another user (such as Domain Admin or User Admin), the next time that the user logs in, s/he will be forced to change the password.

Example1)
1. User A (Domain Admin) changes user B (Domain Viewer) password.
2. When user B logs in, user B will be forced to change their password.

Example2)
1. User A (Domain Admin) creates a new user: user C (Domain Viewer).
2. The first time user C logs in, they have to change their password to a new password.

 - When another user (such as Domain Admin or User Admin) changes a certain user's password,  a login password for the administrator user who is about to reset the password (such as Domain Admin or User Admin) will be required.