# Security

Security related parameters such as the password security policy and password expiration policy.

## Password security policy

* Force passwords to comply with security policy

<figure><img src="https://3503800744-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FIiEHKRx5AeABNDLcRlWX%2Fuploads%2FcPQhMOwjkVoELQUo6b0u%2Fpassword_security_policy.png?alt=media&#x26;token=cbc69e82-646e-4a87-a9f2-1d0901032fc3" alt=""><figcaption></figcaption></figure>

***

### **Security policy configuration**

The security policy is only enforced if this is enabled

* Password minimum length
* Password need digit
* Password need lowercase character
* Password need uppercase character
* Password need symbol

***

## **Password expiration policy**

The following options can be configured as part of the password security policy:

* Password expiration delay (in days)
* Password expiration notice time (in days)
* Delay before account deactivation (in days)
* Validity period of the password initialization token
* Prevent users from reusing previous passwords

***

## **Two-factor authentication (2FA)**

* 2FA Suffix : This will be added in the issuer name for authenticator app
* Enforce 2FA