Password Reset: Minimum Password Age with Enforce Password Change Requirement

Follow
    Applies to:
  • Legacy SecureAuth IdP
Deployment model:
  • On Premises
  • SecureAuth IdP Version Affected: 9.0 and below

     

    Description:

    How to configure the reset realm to use Enforce Password Change Requirements while allowing a minimum password age of 1 or greater.

     

    Cause:
    When using Enforce Password Change Requirement, the SecureAuth IdP sets two passwords: a randomly generated password and the user's new password. This causes an issue with AD policies that have a minimum password age of 1 or greater.

     

    Resolution:
    1. Go to your Password Reset Configuration Page

    2. Switch the Password Reset Mode to "Administrative Password Reset".

    3. Change Must Change Password at Next Logon to "True".

    4. Click Save.

    5. Switch the Password Reset Mode back to "Enforce Password Change Requirements"

    • Leave Must Change Password at Next Logon to "True". Once you set it to Enforce Password Change Requirements, it will be hidden but still selected.

    6. Click Save.

    0 out of 0 found this helpful

    Comments

    0 comments

    Please sign in to leave a comment.