Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry AtHoc
  3. 7.15
  4. System Administrator Configuration Guide
  5. Manage system settings
  6. Security policy settings
  7. Define password rules

Define password rules

Threats of security breaches have motivated organizations to develop stringent rules governing password creation and mandatory password change cycles.
BlackBerry AtHoc
 enables customizing the rules for password creation and password complexity to conform to your organization’s policies, including compliance with the United States Department of Defense password requirements.
System Administrators and Enterprise Administrators can access the Security Policy screen, change the rules for password creation, control the visibility of the Password Never Expires setting on user profile pages, and enforce a system-wide password update for all operators the next time the operators log in.
In addition to the rules covered on the Security Policy screen, consider communicating the following guidelines to your organization when defining passwords:
  • Avoid words found in a dictionary, or a proper name, spelled forwards or backwards.
  • Avoid simple keyboard sequences with repeated keystrokes.
  • Avoid previously used passwords.
  • Avoid strings that reference personal information.
  1. In the navigation bar, click The Settings icon.
  2. In the
    System Setup
     section, click
    Security Policy
    .
  3. In the
    Password Update Rules
     section, on the
    Security Policy
     screen, specify values based on the following information:
    If a password rule is unnecessary in your organization, type 0 (zero) as its value.
    • Renew Password After
      : Force operators to change their passwords every
      n
       number of days. Type the number of days that a password is valid. Type
      0
       to never force operators to change their passwords.
    • Show "Password Never Expires"
      : Select this option to display the Password Never Expires option on user profile pages. This option is selected by default. You must have system administrator or enterprise administrator permissions to set this option.
    • Reuse Password After
      : Prevent operators from recycling recent passwords. For example, if you type
      5
       the system does not accept any of the last 5 passwords created by an operator. Type
      0
       to allow operators to use any previous password.
    • Minimum Password Age
      : Set the minimum time interval for changing passwords. For example, type
      15
       to force users to wait at least 15 days before changing their passwords.
    • Minimum Changes in Password
      : Specify the minimum number of characters in a password to prevent users from using very similar passwords. For example, type
      5
       to force users to change at least 5 characters each time they change their passwords.
    • Lock Account After
      : Prevent unauthorized attempts to guess an operator’s password. Type the maximum number of login attempts allowed. Operators cannot log in using the same username after a lockout. Type
      0
       to allow an unlimited number of login attempts.
    • Reset Lockout After
      : If a lockout occurs, reset it after a specified number of minutes. Set to
      0
       (zero) to prevent the lockout from being automatically reset. For this last case, to reactivate the account, the administrator must go to
      Users
       >
      Users
      . Click the user's name, then click
      Edit Operator Permissions
       on the user details screen. Click
      Unlock
       to change the status.
  4. Click
    Save
    .
The updated password requirements go into effect for all new operators and for existing operators when their passwords expire. Operators whose passwords never expire do not have to change their passwords to conform to updated password requirements.