Q: When is this change happening?
A: We have adjusted the implementation date in order to provide you with more time to make the necessary changes on your side. The new implementation date is scheduled for the middle of August.
Q: Why is this change being made?
A: In an effort to increase the security posture of user accounts, we are defining a ‘default’ level of password security. These ‘default’ policy settings are inline with recognized security best practices and with other service providers.
Q: Will administrators be able to adjust and define their own password policies?
A: Yes! In fact the main reason we’re creating the ‘default’ policy, is to allow administrators to define ‘custom password policies’ for their users. However, the first step in launching this exciting feature is to define a ‘default’ level of password security first.
Q: Who’s affected by the change?
A: All users, however, it is important to note that these changes will only affect future password changes. Existing passwords will not be affected and users will be able to login without any issues.
Q: How is the change enforced?
A: Through Intermedia’s Active Directory domain policy, which get enforced when passwords are synced through UserPilot.
Q: Was there some type of security event or incident that made this change necessary?
A: Not at all. The password policy changes that we are preparing to make will simply enhance our existing requirements. These changes will ensure that users choose more secure passwords and prevent the chance that users passwords will get compromised in the future.
Q: What is changing?
A: We are changing three things:
1. Setting the minimum password length to 8 characters.
2. Enabling password history so that users will not be able to reuse the last 4 passwords.
3. Enabling password complexity
Q: What do I need to do?
A: You may need to modify your existing ‘Default Domain Policy’ to meet these minimum requirements. This ensures that your policies are equal or greater than ours, to ensure future password changes are synced.
Q: What happens if I can’t get it done by the time Intermedia makes this change?
A: Users would still be able to login to Intermedia services. However, if the user ever changes their password, the new password will not sync with Intermedia unless it meets the new ‘default’ password requirements.
Q: Will any of my users passwords expire as a result of this change?
A: No. Users would still be able to login to Intermedia services.
If you have any questions or concerns then please contact our support department and we will be happy to assist you further.