Password security for Admins
Question asked by Steve Guluk - 6/27/2017 at 12:26 PM
I have passwords requirements set on the top level as the main admin. But I just found an account another Domain Admin created which was super simple.

Is this the case that Site/Domain Admins can bypass the security settings the top level Admin puts in place?
This does not see like a good idea at all.
So next steps will require figuring out how to export all accounts and manually scan for other unsecure passwords?

3 Replies

Reply to Thread
Employee Replied
Employee Post
Hi Steve,  A Sys Admin can create any password they want for an end-user.  However, once that end-user attempts to log in, if their password doesn't meet the current password requirements, they will be prompted to change it.
Matt Petty Replied
Employee Post
We also changed this behavior in SmarterMail 16, Domain administrators are now bound by the same password requirements as everyone else. System administrators still bypass the password requirements, and can set any password onto user a user without requirements like Rod mentioned.
Matt Petty
Software Developer
SmarterTools Inc.
(877) 357-6278
Manuel Replied
Hello, it's possible to implement to force strong password for all users, domain admin and sys administrators ??

GRAFFITI — It's Communication
Riva del Garda (TN), I-38066 – Località Pasina 46
Milano, I-20129 - via Lamberto De Bernardi 1
Verona, I-37134 - via Legnago 126
San Francisco, US-94111 California – 275 Battery St, Suite 2600
website: www.graffiti.it

Reply to Thread