Checkup Documentation

Force password policy on logon

severity-high cms-settingskey-force-password-policy-login

Summary

Important Security Note: If your site has custom authorization configured this check may not be applicable.

Password Policies help keep your site secure by requiring newly created passwords to meet criteria set within the Kentico Xperience settings. The Force Password Policy setting forces existing users to update their passwords to match the password policy when they login ensures compliance across your site.

Check Logic

Constant Care for Kentico will ensure the Force password policy setting is turned on (default)

You can manage your settings for this checkup in the Constant Care for Kentico admin settings.

Resolution

To determine whether your site's Password Policy is turned on you can navigate to the Settings Application and then find the Security & Membership > Passwords settings.

From there you will want to find the Password Policy section and verify whether the Force Password Policy On Logon checkbox is checked. We recommend that the Force Password Policy On Logon setting be turned on.

Not sure what to do?

If you are ever unsure about making changes to your site, we encourage you to reach out to your Kentico Xperience Gold Partner. If you do not have a partner, then feel free contact the Constant Care For Kentico team to get connected with an expert.