Set Password Policies

Improve your Salesforce org’s security with password protection. You can set password history, length, and complexity requirements. You can also specify what to do when a user forgets the password.
Available in: both Salesforce Classic (not available in all orgs) and Lightning Experience
Available in: Contact Manager, Essentials, Group, Professional, Enterprise, Performance, Unlimited, Developer, and Database.com Editions

User Permissions Needed
To set password policies: Manage Password Policies
You can set different password and login policies based on the type of user. However, the following rules apply to all user passwords.
  • User passwords cannot exceed 16,000 bytes.
  • Logins are limited to 3,600 per hour per user. This limit applies to organizations created after Summer ’08.
  • A password can’t contain the user’s username and can’t match the user’s first or last name. Passwords also can’t be too simple. For example, a user can’t change their password to “password”.
For all editions, a new org has the following default password requirements. You can change these password policies in all editions, except for Personal Edition.
  • A password must contain at least eight characters, including one alphabetic character and one number.
  • The security question’s answer can’t contain the user’s password.
  • When users change their password, they can’t reuse their last three passwords.

To define password policies:

  1. From Setup, enter Password Policies in the Quick Find box, then select Password Policies.
  2. Customize the password settings.
    Field: Description
    User passwords expire in: The length of time until a user password expires and must be changed. The default is 90 days. This setting isn’t available for Self-Service portals.

    Note: Enabling the Password never expires policy overrides the User passwords expire in policy.

    You can change this setting to an expiration date that is earlier or later than the previous expiration date. To remove an expiration date, select Never expires.

    Enforce password history: Save users’ previous passwords so that they must use a new, unique password when changing passwords. Password history is not saved until you set this value. The default is 3 passwords remembered. You cannot select No passwords remembered unless you select Never expires for the User passwords expire in field. This setting isn’t available for Self-Service portals.
    Minimum password length: The minimum number of characters required for a password. When you set this value, existing users aren’t affected until the next time they change their passwords. The default is 8 characters.
    Password complexity requirement: The types of characters that must be used in a user’s password.
    • No restriction: Has no requirements and is the least secure option.
    • Must include alpha and numeric characters: The default setting. Requires at least one alphabetic character and one number.
    • Must include alpha, numeric, and special characters: Requires at least one alphabetic character, one number, and one of the following characters: ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~.
    • Must include numbers and uppercase and lowercase letters: Requires at least one number, one uppercase letter, and one lowercase letter.
    • Must include numbers, uppercase and lowercase letters, and special characters: Requires at least one number, one uppercase letter, one lowercase letter, and one of the following characters: ! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~.
    • Must include 3 of the following: numbers, uppercase letters, lowercase letters, special characters. Requires at least three of the following options: one number, one uppercase letter, one lowercase letter, and one special character (! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~).

    Note: Only the characters listed meet the requirement. Other symbol characters are not considered special characters.

    Password question requirement: The restrictions to place on the password hint’s answer.
    • Cannot contain password: Prevents the answer from containing the password.
    • None: Places no restrictions on the answer. The user must still provide an answer to the password hint question. This setting is the default.

      This setting is not available for Self-Service portals, the Customer Portal, or partner portals.

    Maximum invalid login attempts: The number of login failures allowed for a user before the user is locked out. This setting isn’t available for Self-Service portals.
    Lockout effective period: The duration of the login lockout. The default is 15 minutes. This setting isn’t available for Self-Service portals.

    If a user is locked out while logged in to an active session, the user remains logged in to that session.

    A locked-out user must wait until the lockout period expires. Alternatively, a user with the Reset User Passwords and Unlock Users permission can unlock the user from Setup:

    1. Enter Users in the Quick Find box.
    2. Select Users.
    3. Select the user, and click Unlock.

    Note: The Unlock button is available only when a user is locked out.

    Obscure secret answer for password resets: Hide answers to security questions as the user types. The default is to show the answer in plain text.

    Note: If your org uses the Microsoft Input Method Editor (IME) with the input mode set to Hiragana, ASCII characters that you type are converted into Japanese characters in normal text fields. However, the IME doesn’t work properly in fields with obscured text. If your org’s users can’t enter their passwords or other values correctly after you enable this feature, disable it.

    Require a minimum 1 day password lifetime: A password can’t be changed more than once in a 24-hour period. This policy applies to all password changes, including password resets by Salesforce admins.
    Allow use of setPassword() API for self-resets: When selected, apps can use the setPassword() API to change the current user’s password to a specific value. Deselect this option for increased security. When deselected, apps must use the changeOwnPassword() API to prompt users to set a new password; changeOwnPassword() verifies the user’s current password before allowing the change. After you deselect this option, you can’t select it again.
  3. Customize the forgotten password and locked account assistance information.

    Note: This setting is not available for Self-Service portals, the Customer Portal, or partner portals.

    Field: Description
    Message: If set, the message you enter appears in the We can’t reset your password email. Users receive this email when they lock themselves out by trying to reset their password too many times. The text also appears at the bottom of the Answer Your Security Question page when users reset their passwords.

    You can add the name of your internal help desk or a system admin to the default text. The message appears only for accounts that need an admin to reset the password. Lockouts due to time restrictions get a different system email message.

    Help link: If set, this link is displayed along with the text defined in the Message field. In the We can’t reset your password email, the URL appears exactly as it is typed in the Help link field. This format provides extra security because the user isn’t within a Salesforce org but can still see where the link goes.

    On the Answer Your Security Question page, the Help link URL is combined with the text in the Message field to form a clickable link. Security isn’t an issue here because the user is already in a Salesforce org when changing passwords.

    Valid protocols are:
    • http
    • https
    • mailto
  4. Specify an alternative home page for users with the API Only User permission. After completing user management tasks such as resetting a password, API-only users are redirected to the specified URL rather than to the login page.
  5. Click Save.
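As an added example (this is not Salesforce code), the following Python pre-check mirrors the password rules described on this page: the rules that apply to every password (16,000-byte limit, no username, no first or last name, no trivially simple value), the configurable minimum length and password history, and each of the six Password complexity requirement options, including the rule that only the listed special characters count. The option keys, the function names and the sample user values are this example's own assumptions, and it assumes ASCII letters and digits.

```python
import string

# Added example, not Salesforce code. SPECIAL holds the page's special characters; other symbols do not count.
SPECIAL = set("!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~")

# The six complexity options as required classes (keys are this example's names; None = any 3 of 4).
COMPLEXITY = {
    "no_restriction": [],
    "alpha_numeric": ["alpha", "digit"],  # the org default
    "alpha_numeric_special": ["alpha", "digit", "special"],
    "numeric_upper_lower": ["digit", "upper", "lower"],
    "numeric_upper_lower_special": ["digit", "upper", "lower", "special"],
    "three_of_four": None,
}

def char_classes(password):
    # Which character classes occur in the password (ASCII letters and digits assumed).
    return {
        "alpha": any(c in string.ascii_letters for c in password),
        "digit": any(c in string.digits for c in password),
        "upper": any(c in string.ascii_uppercase for c in password),
        "lower": any(c in string.ascii_lowercase for c in password),
        "special": any(c in SPECIAL for c in password),
    }

def check_password(password, username, first_name, last_name, *,
                   complexity="alpha_numeric", min_length=8, history=()):
    """Return the list of policy violations; an empty list means the password is acceptable."""
    problems = []
    if len(password.encode("utf-8")) > 16000:  # hard limit stated on the page
        problems.append("exceeds 16,000 bytes")
    if len(password) < min_length:  # "Minimum password length" setting
        problems.append(f"shorter than {min_length} characters")
    lowered = password.lower()
    if username and username.lower() in lowered:  # may not contain the username
        problems.append("contains the username")
    if lowered in (first_name.lower(), last_name.lower()):  # may not match first or last name
        problems.append("matches the first or last name")
    if lowered == "password":  # the page's example of a too-simple value
        problems.append("too simple")
    present = char_classes(password)
    required = COMPLEXITY[complexity]
    if required is None:
        if sum(present[k] for k in ("digit", "upper", "lower", "special")) < 3:
            problems.append("fewer than 3 of: digit, upper, lower, special")
    else:
        problems.extend(f"missing {k}" for k in required if not present[k])
    if password in history:  # "Enforce password history": the last N remembered passwords
        problems.append("reuses one of the remembered passwords")
    return problems
```

Note that a symbol outside the listed set (for example a currency sign) does not satisfy a special-character option, which is the behaviour the note under Password complexity requirement describes.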