Add Password Protections
When your data and business requirements warrant it, design and implement password protections. These protections can range from providing guidelines to your users to implementing programmatic checking to enforce password complexity and management.
Complexity verification verifies that each password is complex enough to provide reasonable protection against intruders who try to break into the system by guessing passwords. This encourages users to create strong passwords.
Password management includes things such as password aging and expiration, automatically locking users out of the application after failed login attempts, and controlling the reuse of old passwords.
To enforce password complexity programmatically, use the password plugins. For more information about the plugin framework and to view a sample password plugin, see System Plugin Framework and Password Plugin Sample in the Application Developer's Guide.