Identity domain password policies should require yearly password rotation
Description
Password policies in OCI Identity Domains should enforce password rotation at least annually by setting password expiration to 365 days or less. Regular password rotation reduces the risk of compromised credentials being exploited over extended periods and helps maintain account security. Organizations should configure both default and custom password policies to meet this rotation requirement.
Note: This rule excludes the system-provided simplePasswordPolicy and standardPasswordPolicy policies as these are not user editable, not assignable to groups, and do not apply as default policies. Custom password policies that are not assigned to any groups are excluded because they are not applied to any users and therefore have no effect.
Configure password policies in your OCI Identity Domain to require password expiration within 365 days or less. For guidance on managing password policies in Identity Domains, refer to the Managing Password Policies section of the Oracle Cloud Infrastructure documentation.
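The scoping in the note above decides which policies are evaluated at all, so it helps to see it as logic. The following Python check is an added example, not the rule's own implementation: it assumes each policy has been exported as a record with `name`, `groups` and `passwordExpiresAfter` (days) fields, that the domain default policy is named `defaultPasswordPolicy`, and that a missing or zero expiry means passwords never expire.

```python
MAX_DAYS = 365
# System-provided policies the rule excludes (names from the note above).
SYSTEM_POLICIES = {"simplePasswordPolicy", "standardPasswordPolicy"}
DEFAULT_POLICY = "defaultPasswordPolicy"  # assumed name of the domain default

def evaluate(policy):
    """Return 'skip', 'pass' or 'fail' for one exported policy record."""
    name = policy.get("name", "")
    if name in SYSTEM_POLICIES:
        return "skip"  # not editable, not assignable, never the default
    if name != DEFAULT_POLICY and not policy.get("groups"):
        return "skip"  # custom policy with no groups applies to no users
    days = policy.get("passwordExpiresAfter")
    # Assumption: a missing, zero or non-integer value means no expiry.
    if isinstance(days, bool) or not isinstance(days, int) or days <= 0:
        return "fail"
    return "pass" if days <= MAX_DAYS else "fail"

def audit(policies):
    """Map each policy name to its result."""
    return {p.get("name", "<unnamed>"): evaluate(p) for p in policies}

# Constructed sample records, not taken from a real tenancy.
SAMPLE_POLICIES = [
    {"name": "simplePasswordPolicy", "passwordExpiresAfter": 0},
    {"name": "standardPasswordPolicy"},
    {"name": "defaultPasswordPolicy", "passwordExpiresAfter": 120},
    {"name": "contractors", "groups": [{"display": "Contractors"}],
     "passwordExpiresAfter": 400},
    {"name": "admins", "groups": [{"display": "Administrators"}],
     "passwordExpiresAfter": 90},
    {"name": "service-accounts", "groups": [{"display": "Automation"}]},
    {"name": "unused-draft", "groups": [], "passwordExpiresAfter": 0},
]

if __name__ == "__main__":
    for name, result in audit(SAMPLE_POLICIES).items():
        print(f"{result:5} {name}")
```
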