Fortinet black logo

Administration Guide

Home FortiEDR/XDR 6.2.0 Administration Guide
6.2.0
6.2.0
6.0.0
5.2.1
5.2.0
5.1.0
5.0.0
4.2.0
4.1.1
4.1.0

Defining a password policy

Defining a password policy

To enhance security and better secure the access to the FortiEDR system, you can define a password policy to enforce some basic rules that apply to all user passwords, including the default password you create for each user and existing users that are created before the password policy is defined. All existing users with a password that does not comply with the new password policy will be prompted to change the password at their next login.

To define a password policy:
  1. Click the Password Policy button ().
  2. Fill in the displayed window. The requirements you define will be applied to all new and existing users.

    Option

    Description

    Minimum password lengthSpecify the minimum number of characters the password must include.
    Brute-force protection

    Specify whether to block user login after five failed login attempts in the Manager console or Rest API. Blocked users will not be able to log in before an administrator resets the password in the Administration -> Users tab.

    Require 2FA

    Require all users to use Two-factor authentication. You can further configure the 2FA prompt frequency to be one of the following:

    • Always—The user has to re-authenticate for each login.

    • Daily—The user has to re-authenticate every 24 hours.

    • Weekly—The user has to re-authenticate every 7 days.

    NoteThis option enforces 2FA on all users. To require only specific users to use 2FA, leave this option empty and enable the 2FA option for specific users, as described in Users.
    Require a combination of at least three of the following character types

    Require all passwords to include at least three of the following character types:

    • Uppercase letters

    • Lowercase letters

    • Digits

    • Symbols

  3. Click Save.

After you save the password policy, all new users must follow the password policy. Existing users with a password that does not comply with the new password policy will be prompted to change the password at their next login.

Previous
Next

Defining a password policy

To enhance security and better secure the access to the FortiEDR system, you can define a password policy to enforce some basic rules that apply to all user passwords, including the default password you create for each user and existing users that are created before the password policy is defined. All existing users with a password that does not comply with the new password policy will be prompted to change the password at their next login.

To define a password policy:
  1. Click the Password Policy button ().
  2. Fill in the displayed window. The requirements you define will be applied to all new and existing users.

    Option

    Description

    Minimum password lengthSpecify the minimum number of characters the password must include.
    Brute-force protection

    Specify whether to block user login after five failed login attempts in the Manager console or Rest API. Blocked users will not be able to log in before an administrator resets the password in the Administration -> Users tab.

    Require 2FA

    Require all users to use Two-factor authentication. You can further configure the 2FA prompt frequency to be one of the following:

    • Always—The user has to re-authenticate for each login.

    • Daily—The user has to re-authenticate every 24 hours.

    • Weekly—The user has to re-authenticate every 7 days.

    NoteThis option enforces 2FA on all users. To require only specific users to use 2FA, leave this option empty and enable the 2FA option for specific users, as described in Users.
    Require a combination of at least three of the following character types

    Require all passwords to include at least three of the following character types:

    • Uppercase letters

    • Lowercase letters

    • Digits

    • Symbols

  3. Click Save.

After you save the password policy, all new users must follow the password policy. Existing users with a password that does not comply with the new password policy will be prompted to change the password at their next login.

Previous
Next