Creating Strong Passwords in Orchestrator

Orchestrator has a strong password option. This is a switch-based feature and can be made active if the impose_strong_password parameter is set to true in orchestrator.yml file. By default this value is false. For more information, see Orchestrator Configuration File (orchestrator.yml).

When the strong password option is active, the following is true:

• The user account is inactivated after a predefined number of unsuccessful attempts to log in. The admin must then manually reactivate the user in the UI. The number of unsuccessful login attempts allowed for a user is set from the allowed_logon_attempts parameter in orchestrator.yml. By default, the value for this parameter is set to 3.
• The user must enter a password which satisfies the following criteria:
  • Minimum length of eight characters.
  • At least one upper-case character.
  • At least one lowercase character.
  • One or more of the following permitted special characters: @#$%^&+=
  • New user passwords cannot be the same as any of the previous three passwords.

  These criteria are defined by a regular expression that can be configured or changed as needed. The regular expression comes from the strong_password_regex parameter in orchestrator.yml.

  Modifying parameters of orchestrator.yml is discussed in Orchestrator Configuration File (orchestrator.yml).