Password compliance reports SM7242 (probably public beta too?)

Hello,

We recently had some compromised accounts due to crappy passwords and in order to inform all our users having old insecure passwords so they update their password, we tried to use the Password compliance report.

However the report and export is empty.

I'm sure we have a lot of users that aren't compliant with the requirements we've set. Is the report broken ?

Kind regards

Sébastien Riccio

System & Network Admin

https://swisscenter.com

Sébastien Riccio Replied

1/28/2020 at 7:31 PM

Okay, maybe it's because of the setting:

Skip enforcement for existing passwords - Select this option to allow changes to the password requirements to only affect new users or new passwords.

It is currently enabled so that's maybe why the report shows nothing. I don't really understand what the setting is supposed to do.

If I disable it, will it affect users with non-compliant password ? Or it is just for the report ?

Kind regards.

Sébastien Riccio System & Network Admin https://swisscenter.com

Sébastien Riccio Replied

1/29/2020 at 1:42 AM

After playing a bit with this I came to the conclusion that to see existing password that are not compliant you must disable "Skip enforcement for existing passwords "

However when you do this, it also forces the users to change their password when they logs into the webmail.

We do not want (yet) to force them to change the password, but only have an overview of current accounts with bad passwords.

Sébastien Riccio System & Network Admin https://swisscenter.com

2 Replies

Reply to Thread

Related Knowledge Base Articles

2 Replies

Reply to Thread

Tags

Related Knowledge Base Articles