By default, JIRA allows you to create a password of any combination and length. For security, organizations often need to have password policies such as password length and complexity to strengthen the passwords and make them difficult to guess.
In this recipe, we will look at how to set up password policies in JIRA to define the strength of passwords.
Proceed with the following steps to enable and configure the password policy settings:
- Navigate to Administration | User Management | Password Policy.
- Select from one of the predefined policy settings, or select the Custom option and configure the settings yourself.
- Click on the Update button to enable the password policy, as shown in the following screenshot:
With the password policy configured, every time someone tries to create a new password, JIRA will make sure the new password satisfies the policy rules. If it does not, error messages will be displayed with information on the requirements, as shown in the following screenshot:
Apart from the built-in password policy feature, there is also a third-party add-on called password policy, which provides features such as password age and user account locking. You can get the add-on from the following link:
https://marketplace.atlassian.com/plugins/com.intenso.jira.plugins.password-policy
After you have installed the add-on in JIRA, there will be a new Password Policy section in Add-ons under Administration. Click on the Configure link and you will be able to set your password policy, as shown in the following screenshot:
