Login Impact of Changing User Quarantine Password Policy
Article ID: 435849
Updated On:
Products
Issue/Introduction
After an administrator updates the password complexity requirements in the User Quarantine Settings page in Email Security.cloud, quarantine users whose current passwords do not meet the new criteria are prompted to reset their password immediately upon their next login attempt.
Environment
Email Security.cloud
Cause
The User Quarantine portal performs a validation check during the authentication process. If the password policy is modified (e.g., the minimum length is increased from 8 to 12 characters), the system evaluates the user's existing password against these new rules. If the existing password is found to be non-compliant, the login is interrupted, and a reset is required.
Resolution
Users with non-compliant passwords must follow the on-screen prompts to establish a new password that aligns with the updated organizational requirements.
User Experience After Policy Change
- The user navigates to the regional Quarantine portal and enters their current credentials.
- The system identifies that the current password does not meet the updated policy.
- The user is redirected to a password update page or prompted to use the "Forgot your password?" workflow to set a compliant password.
- Once the new password is set and meets the complexity requirements, the user can successfully log in.
Administrator Actions for Global Compliance
While the system forces a change at login for non-compliant users, administrators can also proactively force a reset for all quarantine accounts to ensure immediate alignment:
- Navigate to Platform > User Quarantine Settings.
- Go to the Password Controls section.
- Select All accounts password change and click Change.
- Confirm the action in the pop-up and click Save & Exit.
Feedback
