Password security for Admins

Hello,

I have passwords requirements set on the top level as the main admin. But I just found an account another Domain Admin created which was super simple.

Is this the case that Site/Domain Admins can bypass the security settings the top level Admin puts in place?

This does not see like a good idea at all.

So next steps will require figuring out how to export all accounts and manually scan for other unsecure passwords?

Employee Replied

6/27/2017 at 2:52 PM

Employee Post

Hi Steve, A Sys Admin can create any password they want for an end-user. However, once that end-user attempts to log in, if their password doesn't meet the current password requirements, they will be prompted to change it.

Matt Petty Replied

6/28/2017 at 7:18 AM

Employee Post

We also changed this behavior in SmarterMail 16, Domain administrators are now bound by the same password requirements as everyone else. System administrators still bypass the password requirements, and can set any password onto user a user without requirements like Rod mentioned.

Matt Petty Software Developer SmarterTools Inc. (877) 357-6278 www.smartertools.com

Manuel Replied

6/28/2017 at 10:45 AM

Hello, it's possible to implement to force strong password for all users, domain admin and sys administrators ??

Thanks
Manuel

GRAFFITI — It's Communication Riva del Garda (TN), I-38066 – Località Pasina 46 Milano, I-20129 - via Lamberto De Bernardi 1 Verona, I-37134 - via Legnago 126 San Francisco, US-94111 California – 275 Battery St, Suite 2600 website: www.graffiti.it

3 Replies

Reply to Thread

Related Knowledge Base Articles

3 Replies

Reply to Thread

Tags

Related Knowledge Base Articles