Edit a Default Password Policy - Administrator Guide - 6.9 - Cortex XSOAR - Cortex - Security Operations

Cortex XSOAR Administrator Guide

Product
Cortex XSOAR
Version
6.9
Creation date
2022-09-29
Last date published
2024-03-28
End_of_Life
EoL
Category
Administrator Guide
Abstract

Edit or disable the default password policy when installing or upgrading Cortex XSOAR.

When installing or upgrading Cortex XSOAR, users with non FIPS compliant passwords may need to change their password upon next log in. You can change this behavior before upgrading or installing by adding a server configuration.

Note

After adding a server configuration, you can see the changes in SettingsUSERS AND ROLESPassword Policy. However, when you make any changes in the Password Policy tab, these override the changes made in the Server configuration. You then make any future changes in the Password Policy tab.

  1. Go to SettingsAboutTroubleshooting.

  2. In the Server Configuration section, click Add Server Configuration.

  3. Add the keys and values, as described in Default Password Policy Keys.

  4. Click Save.

    Instead of adding the keys separately, you can enter one key containing all of the information in the following format:

    { 
       "Server":{ 
          "HttpsPort":"443"
       },
       "db":{ 
          "index":{ 
             "entry":{ 
                "disable":true
             }
          }
       },
       "limit":{ 
          "docker":{ 
             "memory":true
          }
       },
       "password":{ 
          "policy":{ 
             "default":{ 
                "Enabled":true,
                "MinLowercaseChars":4,
                "MinUppercaseChars":4,
                "ExpireAfter":4,
                "ExpireUnit":"day",
                "PreventRepetition":true,
                "MaxFailedLoginAttempts":4,
                "SelfUnlockAfterMinutes":4
             }
          }
       }
    }