FedRAMP Compliance FAQs for User Authentication

FedRAMP Compliance FAQs for User Authentication

2175
Created On 02/04/22 23:34 PM - Last Modified 03/22/22 12:20 PM


Environment

FedRAMP Compliance FAQs for User Authentication



FedRAMP Compliance

We are enhancing our products to meet FedRAMP compliance requirements. As a result, federal customers will be asked to change their passwords in order to meet FedRAMP compliance requirements
 

Who is impacted by this change?

All federal customers
 

Why am I being prompted for password change?

You’ll be prompted to change your password if you are a federal customer, to comply with FedRAMP requirements

Are there new requirements for my password?
Yes, your FedRAMP compliant password must contain:

  1. Minimum 12 characters
  2. At least one each of uppercase, lowercase, numbers, and special characters

How often do I need to change my password? 

You will be prompted to change your password every 60 days

 

Will my account get locked if I provide incorrect password many times?

Yes, if you provide an incorrect password 3 times, the account will get locked and it will be auto-unlocked after 3 hours

 

How do I get my account unlocked if it's locked?

You can wait for 30 minutes, or open a support case to get it unlocked sooner

 

FedRAMP compliance includes Multi-Factor Authentication

 Multi-Factor Authentication (MFA) is crucial to protect data against theft and damage.  A Microsoft report concluded MFA blocks 99.9% automated cyberattacks. When users login, they will be asked to enter an MFA verification code, which we’ll email to the user. Google Authenticator will no longer be an option and will be removed.



How do I get support for any issues I face? Is the support model changing?

The support model remains the same, nothing changes in the way you open and manage tickets.  If you have questions, please open a support case at https://support.paloaltonetworks.com.

 

Whitelisting Palo Alto Networks applications

If your company whitelists applications, please add the following IP addresses.

34.120.119.85 - identity.paloaltonetworks.com
34.102.139.110 - login.paloaltonetworks.com
15.205.166.251 - sso.paloaltonetworks.com
15.200.153.34 - sso.paloaltonetworks.com


If you need help to resolve issues, please reach out to our team at Contact Support.

 



 


Attachments
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u0000004N6kCAE&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Attachments
Choose Language