Force password policy on logon
severity-high
cms-settingskey-force-password-policy-login
Summary
Important Security Note: If your site has custom authorization configured this check may not be applicable.
Password Policies help keep your site secure by requiring newly created passwords to meet criteria set within the Kentico Xperience settings. The Force Password Policy setting forces existing users to update their passwords to match the password policy when they login ensures compliance across your site.
Resolution
To determine whether your site's Password Policy is turned on you can navigate to the Settings Application and then find the Security & Membership > Passwords settings.
From there you will want to find the Password Policy section and verify whether the Force Password Policy On Logon checkbox is checked. We recommend that the Force Password Policy On Logon setting be turned on.
Not sure what to do?
If you are ever unsure about making changes to your site, we encourage you to reach out to your
Kentico Xperience Gold Partner. If you do not have a partner,
then feel free
contact the Constant Care For Kentico team to get connected
with an expert.