Setting password policies
Security > Password Policy lets you set the SIP password and user PIN policy for administrators and extension users. For information on setting SIP password and user PIN, see Configuring IP extensions.
You can also edit extension user passwords.
To set password policies
- Go to Security > Password Policy > Password/PIN Policy.
- Configure the following:
GUI field
Description
Password / PIN Policy
Select to enable or disable the SIP password and user PIN policy for administrators and extension users.
Password Policy
- Minimum password length: Set the minimum acceptable length (8) for passwords.
- Password must contain: Select any of the following special character types to require in a password. Each selected type must occur at least once in the password.
- Upper-case-letter — A, B, C, ... Z
- Lower-case-letter — a, b, c, ... z
- Number — 0 ... 9
- Non-alphanumeric — punctuation marks, @,#, ... %
- Apply password policy to: Select where to apply the password policy:
- Admin user — Apply to administrator web GUI passwords. If any password does not conform to the policy, require that administrator to change the password at the next login.
- SIP users — Apply to FortiVoice SIP phone users’ passwords. If any password does not conform to the policy, require that user to change the password at the next login.
- User passwords: Apply to user portal access passwords. If any password does not conform to the policy, require that user to change the password at the next login.
PIN policy
Minimum PIN length: Set the minimum acceptable length (6) for the user PIN.
- PIN must contain:
- Number: to include a number (0-9) in the PIN.
- PIN special: Select to include special characters in the PIN.
- Apply PIN policy to: Select Voicemail users to apply the policy to FortiVoice phone users’ user PIN. If any PIN does not conform to the policy, require that user to change the PIN at the next login.
- PIN expiration: Select the voicemail PIN expiration options.
- Never: Users set their voicemail PIN and the PIN never expires.
- Default Only: Extension users using the default voicemail PIN is prompted to change the PIN when accessing their voicemail for the first time. For information on voicemail PIN, see Configuring IP extensions.
- All: Extension users are prompted to change the voicemail PIN when accessing their voicemail for the first time and regularly according to the PIN expiration time.
- PIN expiration time: If you selected All for PIN expiration, select the PIN expiry time in days.
Allow empty admin password
Select to allow leaving the admin password field empty when logging in to the system.
This option only appears when you disable Password / PIN Policy.
- Click Apply.
To edit extension user passwords
- Go to Security > Password Policy > Password Auditor.
- Double-click an extension of which you want to edit the user passwords.
- Under User Setting, change the passwords as required. For more information, see Configuring IP extensions.
- Click OK.