Assigning Password Policies
EmpowerID supports multiple policies to support different security requirements for various classes of users. When assigning Password policies, keep the following in mind:
- Directly assigning a policy to a person takes precedence over other types of assignments. For example, if a Password Manager Policy is explicitly assigned to a person, that policy overrules a policy assignment made to the person's Business Role and Location.
- You can assign Policies to any EmpowerID Roles and groups, to include:
- Business Roles and Locations,
- Management Roles,
- Management Role Definitions,
- Groups and
- Query-Based Collections.
- If a person does not have a direct policy assignment made to their person, but they belong to a role or group that does, the person receives the policy associated with the role or group.
- If a person does not have a direct assignment or indirect assignment via a role or group, they automatically receive the default policy.
To assign Password Manager policies to Users
- In the Navigation Sidebar, expand Admin, then Policies, and click Password Manager Policies.
- From the Policies tab of the Password Manager Policies management page, search for the policy you want to assign to one or more users and then click the Display Name link for that policy.
This opens the View page for the policy. View pages allow you to view details about an object in EmpowerID and manage those objects as needed. - Expand the Policy Assignees accordion and click the Add New (+) button on the grid for the type of assignee. For example, if you want to assign the policy to a Set Group or Query Based Collection, click the Add New (+) button for that grid.
- Type the name of the target assignee in the Search field for that assignee type and then click the tile for that assignee.
- Enter a priority for policy assignment in the Priority field. Priority takes effect if the selected user has another Password Manager policy. The lower the number, the higher the priority.
- Click Save.