End-of-Life (EoL)

Create a Password Policy

Follow these steps to create a passwordpolicy in Cortex XSOAR.
In Cortex XSOAR you can set a default FIPS compliant password policy in the
Password Policy
tab. Any changes in the
Password Policy
override any password changes made in the server configuration settings.
  1. Go to
    Settings
    USERS AND ROLES
    Password Policy
    .
  2. In the
    Enable Password Policy
    section, select
    On
    .
  3. Add the password requirements, as necessary.
    The 0 value disables the settings.
  4. When selecting
    unlock
    choose one of the following options to unlock the user’s account:
    • By Admin only
      : only administrators can manually unlock user accounts.
    • Automatically
      : users can unlock themselves after a specified time.
    Locked out users cannot use API keys. Cortex XSOAR has a delay mechanism for multiple failed logins. However, unlike the lockout mechanism, this system is not suitable for preventing automated brute-force attacks. It is useful for preventing accidental lockouts.
  5. Click
    Save
    .

Recommended For You