A password policy is a set of rules designed to improve security by establishing strict password requirements for your users. These rules are enforced on all users in your account.

In this article:

Password Policy Settings

Password policy supports global password settings modification for all users on your account. You can configure the following password settings:

  • Minimum password length
  • Minimum uppercase characters
  • Minimum numeric characters
  • Minimum special characters
    Valid special characters: @ # $ % ^ & * ( ) - _ = + ' " [ ] { } | ; : < > , . / ? !
  • Password history restriction
    Prevents users from entering previously used passwords when updating their passwords.
  • Password Expiration
    The number of days before a password expires and a new one must be set.

Default Policy

The default password policy contains the following requirements:

  • Minimum 8 characters in length
  • Minimum 1 number character
  • Minimum 1 uppercase character
  • Minimum 1 special character
  • 1 password history restriction
  • Password never expires

Recommended Policy

For your convenience we offer a recommended policy. This is a stricter policy than the default policy which uses the following settings:

  • Minimum 12 characters in length
  • Minimum 2 number characters
  • Minimum 2 uppercase characters
  • Minimum 1 special character
  • 2 password history restrictions
  • Password never expires

Custom Policy

Select this option to configure your own password policy. The strength indicator will update as you adjust each policy setting. We strongly recommend using a policy with a minium strength of Strong.

Managing Password Policy

Managing the password policy requires the Manage Accounts permission. Only an account admin has the permissions required to modify this setting.

Use the following steps to manage the password policy for your account:

  1. Log in to iQ Tag Management.
  2. In the user admin menu, select Manage Password Policy.
  3. Modify the password settings and click on Update Password Settings.

The changes take effect immediately.

Password Expiration

Tealium account passwords do not expire by default. However, depending on your security requirements, you can configure how long a password can be valid before needing to be reset.

To configure the password expiration time for your account, set the expiration time to a number of days greater than 0.

Changing to a Stricter Password Policy

If you set a stricter password policy, you may break some users’ current passwords. This forces those users to reset their passwords if they don't satisfy the new password requirements. As an admin, you cannot change passwords for other users.

Failed Logins

Note that after 5 unsuccessful login attempts, your account is temporarily locked for five minutes.

Related Articles