Skip to main content

XTM Cloud 13.4

Passwords settings

Feature

Description

Verify user creation and password/email change

This parameter is enabled by default. It is recommended to leave it this way.

This parameter confirmation of some actions performed on Users by Project Managers and Administrators. They can confirm the relevant action with their own password or the authentication code (if the 2-step Verification has been enabled). These action are:

  • creating a new user

  • password changes

  • email address changes

Disabling of this parameter will require confirmation with password or authentication code (if the 2-step Verification has been enabled on your instance).

Allow users to change their password

Allows users to change the password which the Administrator or PM assigned to them when creating user accounts.

Password duration (days)

Specifies the number of days that user passwords will be valid. After this period the user will have to change their password.

Check against previous passwords

Specifies the number of previous passwords that cannot be used as the current password.

Minimum password length (characters)

Specifies the number of characters required in the password.

Use brute force dictionary

Defines the words that cannot be used as or in a password. By default, the following words and components are excluded:

  • User’s first or last name

  • Administrator

  • Reviewer

  • User

  • Admin

  • Test

  • Super

  • qwe

  • 1111

  • 111

  • Password

  • Translator

  • XTM

  • Guest

  • Sys

  • Pass

Force password change on the first login

Check to enforce this measure.

Password strength

Password characters are split into 4 groups:
  • upper-case letters

  • lower-case letters

  • numbers

  • non-alphanumeric symbols

There are 3 levels of password strength

  • Simple Must use characters from at least 1 group

  • Medium Must use characters from at least 2 of the groups

  • Strong Must use characters from at least 3 of the groups