Modify Password Policy

22.4 and later for Hosted (Cloud) customers that are not using Single Sign-On (SSO) to sign in to PowerSchool ERP.

You can define the password policy for PowerSchool ERP users according to your district's security policies.

Do not use this page if your district uses Single Sign-On (SSO) to sign in to PowerSchool ERP.

Menu Path

Select System Administration from the main menu, then All or Administration. In the User Administration menu, select Modify Password Policy.

Modify Password Policy Procedure

Fill out the fields according to your district's security policies.
Select Submit.

Fields

Field	Description
Maximum Password Age	Select a maximum password age from the list. This defines the number of days a password will be active. A user will be prompted to change their password upon the first login after the maximum password age has passed. Password age is reset for a user when: A user is added in User Management. The password is changed by the user. A password is set for the user by an administrator.
Minimum Password Length	Select a minimum password length from the list. The default is 8 characters. There is a maximum password length of 20 characters. The password must be at least the minimum number of characters.
Number of Failed Logins	Select a number of login attempts a user can make before their account is locked. This setting works in conjunction with the Lockout Evaluation Window. A user cannot log into PowerSchool ERP if their account is locked, even if the user enters accurate credentials.
Number of Passwords to Remember	Select a number of passwords that will be saved in the software to prevent the user from repeating the same password. The value selected determines the number of passwords retained in the software that cannot be reused. For example, if the Number of Passwords to Remember is 3, the user cannot repeat any of the previous three used passwords but can reuse a password from further back in their history of using the software. Setting a higher value prevents a user from reusing a password for a longer time.
Lockout Evaluation Window	Select a period for which a user is locked out of the software after attempting to sign in with incorrect credentials. If a user attempts to sign in to the software before the selected time has passed, even if the credentials are correct the login will fail and the time will be reset. This setting works in conjunction with the Number of Failed Logins.
Password Expiration Warning	Select a period for which users are notified that the password is going to expire. 5 Days 10 Days (default) 15 Days 20 Days 30 Days
Enforce Password Complexity	Select the checkbox to require the following additional password rules: The password cannot be the same as the username. The password contains characters from three of the following categories: Uppercase letters of European languages (A through Z, with diacritic marks, Greek and Cyrillic characters) Lowercase letters of European languages (a through z, sharp-s, with diacritic marks, Greek and Cyrillic characters) Base 10 digits (0 through 9) Non-alphanumeric characters (special characters): (~!@#$%^&*_-+=`\|\(){}[]:;"'<>,.?/) Currency symbols such as the Euro or British Pound are not counted as special characters. Any Unicode character that is categorized as an alphabetic character but is not uppercase or lowercase. This group includes Unicode characters from Asian languages.