We recently decided to follow NIST guidlines and are changing our minimum password length. We initially wanted to use 16 digits, but found our finance/accounting app, Microsoft Dynamics GP, only supports upto 15 character passwords (great job Microsoft).
So we want to set our minimum to 15, but Onelogin policies only let us choose 12 or 16.
16 won't work due to the above, and 12 we feel is not good enough.
AD lets us set it to 15 (through AD administrative center). Onelogin is hooked into AD as our master source.
I'm guessing if we picked 12, and users tried to change password in OL it would error out due to AD rules, but the wording to users would say 12 and cause confusion.
So how can we get OL to require 15 characters?
Please sign in to leave a comment.