As an inSync Administrator, you can configure inSync policy to bypass the password policy defined at the system level. This configuration is available under the Retention and Access Policies section of the Backup Policies tab. Therefore, if Ignore System Password Policy for users is enabled, you can still configure the password policy manually for the inSync Client device.
Configure password policy
To configure the password policy for systems in a workgroup:
- Open Control Panel and navigate to System and Security > Administrative tools > Local Security Policy > Account Policies > Password Policy.
- Set Minimum password length as 10 Characters.
- Set Password must meet complexity requirement as Enabled.
With the above settings, the minimum length of the password must be 10 characters.
- Open Control Panel and navigate to System and Security > Administrative tools > Local Security Policy > Account Policies > Account Lockout Policy.
- Set the maximum allowable invalid attempts for the user in Account Lockout Threshold.You can also manually change these values later.
Consider the following configuration:
- Account Lockout Threshold = 3
- Account lockout duration = 10 minutes
- Reset account lockout counter after = 10 minutes
With the above configuration, a user will be locked out after three invalid login attempts. User will see the following error:
You have exceeded maximum invalid login attempts. Reset your password to enable authentication.
- If the user tries to activate any other device with the same credentials, the same error is displayed.
- User remains locked even after attempting to login with the correct password after 10 minutes. Only a password reset from the inSync Management Console can restore the user access. This also impacts the web login for the user.
- If the new password is too short, the following error is displayed:
Configure the password policy in Domain Controller
To check the password complexity requirements in your organization:
- Log on to a domain controller in the forest where AD RMS is installed.
- Click Start > Administrative Tools > click Group Policy Management.
- Expand the correct forest, expand domains and then click the correct domain.
- Double-click the default domain policy.
- Go to Computer Configuration > Policies > Windows Settings > Security Settings > Account Policies > Password Policy.
- Verify that the password you enter conforms to the password policy.