Password security for Admins
Question asked by Steve Guluk - June 27, 2017 at 12:26 PM
Unanswered
Hello, 
I have passwords requirements set on the top level as the main admin. But I just found an account another Domain Admin created which was super simple.

Is this the case that Site/Domain Admins can bypass the security settings the top level Admin puts in place?
 
This does not see like a good idea at all.
 
So next steps will require figuring out how to export all accounts and manually scan for other unsecure passwords?

3 Replies

Reply to Thread
0
Rod Lasky Replied
Employee Post
Hi Steve,  A Sys Admin can create any password they want for an end-user.  However, once that end-user attempts to log in, if their password doesn't meet the current password requirements, they will be prompted to change it.
Rod Lasky
Technical Support Specialist
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
0
Matt Petty Replied
Employee Post
We also changed this behavior in SmarterMail 16, Domain administrators are now bound by the same password requirements as everyone else. System administrators still bypass the password requirements, and can set any password onto user a user without requirements like Rod mentioned.
Matt Petty
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
0
Manuel Replied
Hello, it's possible to implement to force strong password for all users, domain admin and sys administrators ??

Thanks
Manuel
GRAFFITI — It's Communication
Riva del Garda (TN), I-38066 – Località Pasina 46
Milano, I-20129 - via Lamberto De Bernardi 1
Verona, I-37134 - via Legnago 126
San Francisco, US-94111 California – 275 Battery St, Suite 2600
website: www.graffiti.it

Reply to Thread