Newer Version Available
Set Password Policies
To ensure that the appropriate level of password security is used for your organization,
specify password requirements with Password Policies settings.
| Available in: both Salesforce Classic and Lightning Experience |
| Available in: Contact Manager, Group, Professional, Enterprise, Performance, Unlimited, Developer, and Database.com Editions |
| User Permissions Needed | |
|---|---|
| To set password policies: | “Manage Password Policies” |
For your organization’s security, you can set various password and login policies.
- From Setup, enter Password Policies in the Quick Find box, then select Password Policies.
- Customize the password settings.
- Customize the forgotten password and locked account assistance information.
Field Description Message If set, this message appears in the “We can’t reset your password” email that users receive when they lock themselves out by trying to reset their password too many times. The text also appears at the bottom of the Answer Your Security Question page when users reset their passwords. You can tailor the text to your organization by adding the name of your internal help desk or a system administrator. For the email, the message appears only for accounts that need an administrator to reset them. Lockouts due to time restrictions get a different system email message.
Help link If set, this link displays with the text defined in the Message field. In the “We can’t reset your password” email, the URL displays just as it is typed in the Help link field, so the user can see where the link goes. This URL display format is a security feature, because the user is not within a Salesforce organization. On the Answer Your Security Question page, the Help link URL combines with the text in the Message field to make a clickable link. Security isn’t an issue, because the user is in a Salesforce organization when changing passwords.
Valid protocols:- http
- https
- mailto
- Specify an alternative home page for users with the “API Only User” permission. After completing user management tasks such as resetting a password, API-only users are redirected to the URL specified here, rather than to the login page.
- Click Save.