To change password policy, login to the MSPControl and click on Password Policy,
or go to Organization > Organizations > Password Policy.
Here you can change password preferences for the organization.
First two fields, Min and Max length, are pretty self-explanatory.
Enforce password history setting determines the number of unique new passwords that must be associated with a user account before an old password can be reused. Many users want to reuse the same password again and again. The longer the same password is used, the greater the vulnerability for hacker attacks.
Notification Days - how many days before password expiration panel will start to warn user about password change necessity. Daily.
Max Password Age (days) basically determines how often user can change their password.
Send password change notification - if you check this field, users would receive email notifications.
Next you can define whether you want to enable Lockout for wrong attempts or not.
The Account lockout duration policy setting determines how long a locked-out account remains locked out before automatically becoming unlocked. A value of 0 specifies that the account will be locked out until an administrator explicitly unlocks it.
Account lockout threshold is the number of failed sign-in attempts that will cause a user account to be locked. If it is set to a number greater than zero, Account lockout duration must be greater than or equal to the value of Reset account lockout counter after.
Finally, you can change Password Complexity settings.
Here you can decide how many uppercase letters, numbers and / or special symbols you want to have in all passwords.
Now, when you're done here, click Save Changes and Exit. This will save your changes and redirect you to the home page. Save Changes button also saves your changes, but leaves you on the same page.