Password Policy Management

The Password Policy feature in IONOS Cloud helps organizations enforce password security by defining a set of rules that must be followed when creating and updating passwords. This feature is crucial for safeguarding accounts and ensuring adherence to security standards. Always ensure that your policies are in line with industry best practices to safeguard your data effectively.

Note: Only contract owners can define the password policy applicable to the sub-users in the contract.

Features

  • Customizable Rules: The password rule can be customized to your needs such as recommendations to have complex passwords to improve the security of user accounts. You can define criteria on the length of the password, whether or not to include lowercase and uppercase letters, numbers, and special characters in the password and the minimum quantity of each of these character types.

  • Ease of Use: Using the DCD or the IAM Identity Password Policies API, contract owners can manage password policies easily.

  • Flexibility: Create, retrieve, update, or delete a password policy as needed. It is recommended to keep your policies reasonable to promote user compliance. On deleting a password policy, the IONOS standard applies for password management.

Info: The IONOS standard password policy requires a minimum of five characters and recommends including a combination of uppercase and lowercase letters, at least one number, and special characters if needed.

API endpoint

The Password Policy Manager feature is part of the Identity Management API and can be managed using the /{passwordPolicyId}/ endpoint. Further documentation can be found in the respective Password Policy API documentation.

Note: All Create, Read, Update, and Delete (CRUD) operations that can be performed using the Password Policy Manager in the DCD can also be accomplished via the API.

To access this API, you must authenticate requests using your Bearer token, which enables requests to authenticate using a JSON Web Token (JWT). From the DCD, Generate authentication token.

Password Policy Manager in the DCD

Using the DCD, you can create, update, or delete a password policy as needed.

Create a password policy

To create a password policy, follow these steps:

1. In the DCD, go to Menu > Management > Password Policy under Security.

2. Click Create password policy in the Password Policy Manager.

3. Enter the following details to configure a password policy:

  • Description: Add a detailed description that explains the password policy. The length of the description must not exceed 1024 characters.

  • Password length: Enter or use arrow keys to select the maximum password length. You cannot set a password policy that is less than 5 characters in length. For example, if the defined length is 9, the password must be a minimum of nine characters in length.

  • Must contain uppercase letters [A—Z]: Select the checkbox if the password policy must contain any uppercase letters from A—Z.

    • Minimum quantity: Enter or use arrow keys to specify the allowed count of uppercase characters in the password. For example, if 4 is the quantity chosen, the password must contain a minimum of four uppercase characters.

  • Must contain lowercase letters [a—z]: Select the checkbox if the password policy must contain any lowercase letters from a—z.

    • Minimum quantity: Enter or use arrow keys to specify the allowed count of lowercase characters in the password. For example, if 4 is the quantity chosen, the password must contain a minimum of four lowercase characters.

  • Must contain numerics [0-9]: Select the checkbox if the password policy must contain numbers from 0 to 9.

    • Minimum quantity: Specify the minimum allowed count of numerics in the password.

  • Must contain special characters [@, #, $, %, etc.]: Select the checkbox if the password policy must contain special characters. Any character apart from a—z,A—Z, and 0 to 9 is referred to as a special character.

    • Minimum quantity: Specify the minimum allowed count of special characters in the password.

Note:

— There are no maximum limits defined for the password length, number of lowercase, uppercase, numerics, and special characters. The quantity specified in the password policy refers to the minimum allowed values.

— When the checkbox for a specific character type to be allowed is selected, then their Minimum quantity allowed value cannot be zero.

4. Click Save password policy.

Result: The password policy is successfully created.

Note:

— The created password policy is enforced only on new users setting up the password. Existing user accounts continue to work on the password policy previously used.

— You can create only one password policy for your contract.

Update a password policy

To update an existing password policy, follow these steps:

1. In the DCD, go to Menu > Management > Password Policy under Security.

2. Click Edit to update the description or password policy details such as the length of the password or characters allowed in the password policy.

3. Click Save to reflect the changes made to the password policy.

Result: The password policy is successfully updated and these changes apply to new users setting up the password. Existing user accounts continue to work on the password policy previously used.

Delete a password policy

If you no longer need a password policy, you can delete it permanently. To delete an existing password policy, follow these steps:

1. In the DCD, go to Menu > Management > Password Policy under Security.

2. Click Delete and confirm the deletion again by selecting Delete and use IONOS Standard.

Info: The IONOS standard password policy requires a minimum of five characters and recommends including a combination of uppercase and lowercase letters, at least one number, and special characters if needed.

Result: The password policy is successfully deleted and the IONOS standard applies for password management.

Last updated