Configure PoolParty to Use Stronger Passwords
Passwords of PoolParty users who are managed with the PoolParty User Management are stored and managed in Keycloak. Keycloak comes preconfigured with a default password policy requiring PoolParty passwords to be at least 8 characters long.
Administrators can define a minimum password length, mixed cases, digits and special characters. They can also enforce periodical password change, control password hashing and prevent users from reusing their previous passwords or using passwords matching their email address, username or words from a custom exclude-list.
To configure a custom password policy, Access Keycloak for PoolParty On-Premise. For more information on the procedure and individual options, refer to Password policies and Password policy types.
Note
Additionally, you can configure a number of failed logins before the user account gets temporarily disabled. For more information, refer to Brute force attacks.