Passwordstate Policy Management Many design aspects of Passwordstate utilize a Policy driven approach to managing permissions and settings throughout Passwordstate, providing a very flexible approach to managing your environment.

Through the use of Policy driven management, make changes to permissions and settings throughout Passwordstate is a very simply process, where changes can easily be propagated to designated users with minimal effort.

Password Strength Policies

Password Strength Policies are used as a set of rules for determining the strength of a Password. Once a policy is created, it can be applied to one or more Password Lists. Each of the settings below can be weighted differently, allowing you to build a policy which makes sense for the environment the passwords relate to:
  • Minimum LowerCase Characters - specifies how many lowercase characters are required as a minimum (abcd, etc)
  • Minimum UpperCase Characters - specifies how many uppercase characters are required as a minimum (ABDCD, etc)
  • Minimum Numeric Characters - specifies how many numeric characters are required as a minimum (1,2,3,etc)
  • Minimum Symbol Characters - specifies how many symbol characters are required as a minimum (%@:!, etc)
  • Preferred Password Length - specifies the minimum number of total characters the password should have
  • Requires Upper And Lower Case - indicates if the passwords string must have both lower and uppercase characters
  • Password Strength Compliance - indicates the desired Password Strength Complexity (Very Poor, Weak, Average, Strong or Excellent). With the following graphic when editing/adding a password, the 'Compliance Strength' indicator shows the user what password complexity is desired for the applied policy

Password Generator Policies

Password Generator Policies are used as a set of rules for generating random passwords within the system. Once a policy is created, it can be assigned to one or more Password Lists, or users can simply select the policy when they need to generate random passwords on mass. These policies can also be called via the API to generate passwords. The type of settings available are:
  • Password Length - minimum and maximum
  • Alphanumerics - Lowercase, uppercase, Numbers
  • Exclude certain Alphanumerics
  • Special characters and brackets - fine grain control over which special characters can be used
  • Pattern Generation - for example, l for Lowercase, u for uppercase, and n for numbers i.e. ullllnnnnllllnnnn
  • Word Phrases - insert random words at the beginning or end of a password, or randomly in the middle

User Account Policies

User Account Policies are used to control various user settings as they relate to their 'Preferences' area, and 'Screen Options' for Password List and Folders. There are a total of 31 different User Account Policy settings which can be applied to individual user accounts, or security groups.

Password Lists Template Policies

Password List Templates can be used to apply consistency to settings for your Password Lists, and accessing the Templates from within the Administration area allows you to see all Templates created by all users. Templates can be used in the following way:
  • You can link Password Lists to a Template, and then manage all settings from the Template. When you do this, the majority of options for any linked Password Lists will be disabled
  • You can apply a Template's settings as needed (once off) when you add a new Password List, or edit an existing Password Lists' settings
  • You can apply permissions to a Password List as needed (once off) when you add a new Password List, or edit an existing Password Lists' settings. Permissions can be copied from a template

Email Notification Group Policies

Email Notification Group Policies are used to manage any/all of the 47 real-time email notifications that can be generated from within Passwordstate. These policies allows you fine control over which emails users receive.