Describes the password policy and how to set it in Cortex XSOAR.
You can set a password policy for all internal users in Cortex XSOAR. The password policy enables you to do the following:
Set password complexity requirements.
Set the password expiry and prevent repetition passwords (remembers the last 30 passwords).
Brute-force prevention (user lockout after a number of attempts).
By default, Cortex XSOAR provides the following default password policy:
A FIPS compliant password policy in the Password Policy tab. To create a password policy, see Create a Password Policy.
New installations: when installing Cortex XSOAR in interactive mode, you must have a strong password. If installing with the
-y
option you can use a non FIPS compliant password, but you must change the password upon first log in.Upgrade: all internal users with a non FIPS compliant password may need to change their password upon next log in. Password expiry and repetition prevention does not work retroactively and passwords before the upgrade are not considered. For existing passwords, the expiry countdown starts from the upgrade time.
Before installing or upgrading, you can change the password policy by adding a server configuration, as described in Edit a Default Password Policy. However, as soon as you make password changes in the Password Policy tab, these settings override the server configuration settings. All further changes are made in the Password Policy tab.