![](https://play.vidyard.com/Rktz5Yw32J4EdVU59cvWtb.jpg)
Demo: Password Policies
Transcript
Details
Speaker 1: Okta centralizes password management into a single easy to use password policy page. From here, administrators can easily set password requirements, like minimum password length and age, lockout settings, like max failed attempts, and even password reset options.
Speaker 1: Admins also have the ability to apply these settings at a system wide level or to assign different policies at a more granular level. For businesses with complex security requirements across multiple teams. These settings also apply to users authenticating and resetting passwords in Okta or even to those who are authenticating and resetting passwords in active directory or LDAP via delegated authentication.
Speaker 1: Let's take a closer look at password reset management by configuring these settings for a group of executives at our company. Let's locate their password policy and scroll down to the account recovery settings. From here, let's configure how long password resets or unlocked recovery emails are valid for. Considering my executives have more sensitive access, let's require them to act upon the recovery email in a shorter time period, about two hours. Next, let's ensure that their password recovery question responses are nice and complex, at least 10 characters. Then let's give them some additional ways to reset their passwords beyond just the traditional recovery email and security question flow by permitting SMS and voice