SSO Password Policy Q&A (non-Federal customers)
10271
Created On 12/11/18 08:33 AM - Last Modified 11/26/25 01:39 AM
Question
What are the SSO password policies?
For Federal customers, please refer to the FedRAMP Compliance FAQs for User Authentication.
Environment
OKTA
Answer
Q - What is the minimum and maximum password length?
A - Password length must be at least 11 characters and maximum 72 characters
Q - What are the requirements of password complexity?
A - The password should contain at least one each of upper-case letters, lower-case letters, numbers and special characters
A - The password should contain at least one each of upper-case letters, lower-case letters, numbers and special characters
Q - How often do I need to change my password?
A - The validity of your password is 365 days
A - The validity of your password is 365 days
Q- Can I reuse my old passwords?
A- Your new password cannot be any of your last 24 passwords
Q- How often can I change my password?
A- At least 1 day must have elapsed since you last changed your password
A- Your new password cannot be any of your last 24 passwords
Q- How often can I change my password?
A- At least 1 day must have elapsed since you last changed your password
Q - After how many failed login attempts am I locked out of my account?
A - Your account gets locked for 15 minutes after 5 consecutive failed attempts. If you want to reset your password while your account is locked, you will need to go to the Customer Support Portal home page and click on "Request Assistance" link. Alternatively, you can use our self-service option to unlock your account (after clicking the Sign In button, expand the Need Help Signing In tab and select the Unlock Account? option).
A - Your account gets locked for 15 minutes after 5 consecutive failed attempts. If you want to reset your password while your account is locked, you will need to go to the Customer Support Portal home page and click on "Request Assistance" link. Alternatively, you can use our self-service option to unlock your account (after clicking the Sign In button, expand the Need Help Signing In tab and select the Unlock Account? option).
Q - How often must you change your CSP password to remain valid?
A - Passwords have a maximum validity of 365 days. This means you must change your password at least once a year.
Additional Information
For further information, please visit the links below: