Password Requirements and Expiration

LegalServer does not expire passwords by default. Site administrators can change this on the Admin > Site Settings page.

Users with an expired password are taken to the "Change Password" page after logging in with an expired password.

Note: Selecting a password expiration takes effect immediately and applies retroactively. For example, if a site is not using password expiration then selects 90 days, all users who have not changed their password in 90 days will be forced to change their password on the next login.

See Also: Multifactor Authentication and Single Sign On Integrations

Password Requirements and Options:

LegalServer enforces the following requirements for user account passwords.

  • Must have at least 1 letter and 1 number

  • Minimum length is 8 characters

  • Cannot be a series of letters ending with either 1, 12, 123, or 1234

  • Cannot be 1234abcd or 1234qwer

  • Special characters like ! @ # $ % ^ & * ( ) { } are supported. And probably encouraged by your agency.

In addition, the administrator can require these elements by changing Site Settings-> Security Settings:

(1) Passwords must contain least one upper case character

(2) Passwords must contain at least one lower case character

(3) Passwords must contain at least one special character

Newly changing any or all of these options to "Yes" will only affect newly chosen passwords.