End-of-Life (EoL)

Create a Password Policy

Follow these steps to create a passwordpolicy in Cortex XSOAR.
In Cortex XSOAR you can set a default FIPS compliant password policy in the
Password Policy
tab. Any changes in the
Password Policy
override any password changes made in the server configuration settings.
  1. Go to
    Password Policy
  2. In the
    Enable Password Policy
    section, select
  3. Add the password requirements, as necessary.
    The 0 value disables the settings.
  4. When selecting
    choose one of the following options to unlock the user’s account:
    • By Admin only
      : only administrators can manually unlock user accounts.
    • Automatically
      : users can unlock themselves after a specified period of time.
    Locked out users cannot use API keys. Cortex XSOAR has a delay mechanism for multiple failed logins. However, unlike the lockout mechanism, this system is not suitable for preventing automated brute-force attacks. It is useful for preventing accidental lockouts.
  5. Click

Recommended For You