FedRAMP Compliance FAQs for User Authentication

FedRAMP Compliance FAQs for User Authentication

Created On 02/04/22 23:34 PM - Last Modified 03/22/22 12:20 PM


FedRAMP Compliance FAQs for User Authentication

FedRAMP Compliance

We are enhancing our products to meet FedRAMP compliance requirements. As a result, federal customers will be asked to change their passwords in order to meet FedRAMP compliance requirements

Who is impacted by this change?

All federal customers

Why am I being prompted for password change?

You’ll be prompted to change your password if you are a federal customer, to comply with FedRAMP requirements

Are there new requirements for my password?
Yes, your FedRAMP compliant password must contain:

  1. Minimum 12 characters
  2. At least one each of uppercase, lowercase, numbers, and special characters

How often do I need to change my password? 

You will be prompted to change your password every 60 days


Will my account get locked if I provide incorrect password many times?

Yes, if you provide an incorrect password 3 times, the account will get locked and it will be auto-unlocked after 3 hours


How do I get my account unlocked if it's locked?

You can wait for 30 minutes, or open a support case to get it unlocked sooner


FedRAMP compliance includes Multi-Factor Authentication

 Multi-Factor Authentication (MFA) is crucial to protect data against theft and damage.  A Microsoft report concluded MFA blocks 99.9% automated cyberattacks. When users login, they will be asked to enter an MFA verification code, which we’ll email to the user. Google Authenticator will no longer be an option and will be removed.

How do I get support for any issues I face? Is the support model changing?

The support model remains the same, nothing changes in the way you open and manage tickets.  If you have questions, please open a support case at https://support.paloaltonetworks.com.


Whitelisting Palo Alto Networks applications

If your company whitelists applications, please add the following IP addresses. - identity.paloaltonetworks.com - login.paloaltonetworks.com - sso.paloaltonetworks.com - sso.paloaltonetworks.com

If you need help to resolve issues, please reach out to our team at Contact Support.



  • Print
  • Copy Link


Choose Language