Let's take a look at the password policies in Password Manager. One of neat features of Password Manager is the ability to set what we call fine grained password policies, as well as multiple password policies. And what this essentially means is that we can do policies that Microsoft Active Directory can't do. And you can take a look here I'll show you.
For example, here are the policy rules that I have set up. And you can see we have this huge list of policies that we can do, all the way from dictionary rule, so that if we have words in the dictionary-- in a dictionary that we define, they can't be in there. So if you don't want your corporate name or product names or something like that to be in people's password, you could do that there. It also has a basic default dictionary of 500 or 1,000 words that are common.
All the way down the symmetry rule where you can't do ABC, CBA, stuff like that. We can do, obviously, the password aging rules, certain characters disallowed, required, sequence rule, so you can do AAA, BBB, that kind of thing. We can have it so they don't pull things from their username, say, their first name or their last name, things like that.
Then we also have a customizable rules which you can do as well. So you can kind of write a little bit of script in here that would do something else with it.
Another neat feature is that we can apply it to different groups. So if you want to apply one policy for admin users and a different policy for your regular users, that's fine. You just have two different policies and they apply to two different users. We also have the ability to apply these same policies even if the user resets their password outside of Password Manager. It does require a small installation on the domain controller in order to use the Microsoft password templates, and then we can go ahead and do.
01:50
