Starting with Resilio Connect v2.10, Management Console requires strong password for users.
The requirements must all be met, and these are:
- Be at least 8 symbols long
- Contain a number
- Contain upper and lower case letters
- Contain a special character
These requirements do not apply to LDAP users, which still use their AD password policy.
They also don't apply to those users that were created on older version of Management Console before update to v2.10. However, if a user will try and change the password after update, new strong password will be required.
Resilio Connect v.2.11 adds requirements for password expiration and enforces passwords history. By default, passwords need to be changed every 120 days, and Management Console keeps history of last 10 passwords used.
These metrics are controlled through Management Console configuration file, parameters
numPreviousPaswordsChecks. A user can change the password anytime not awaiting for password expiration.
However, when the password expires, the user is forced to update it upon the next login.