I think the password assessment could be a useful functionality to assess password strength and compliance with the password policy inside our organization.
Password assessmentThis report analyzes the overall security of your organization's passwords. Enterprise passwords are assessed based on various predefined criteria (passwords part of username, containing dictionary words, etc). Passwords with a low score are labeled "weak". You can alert users to change their weak passwords or enforce a strong password policy to prevent users from storing weak passwords in Zoho Vault.
However, it is not possible or desirable for us to
a) enforce our strict policy
b) assess compliance based on the assessment score.
That is, because some passwords stored in vault can't comply to our policy because of external restrictions. Think about a pin code or shared passwords by externals (where the vault user can't edit the actual password).
Is it possible to create exemptions for the password assessment or the enforced password policy? How else can you enforce a strict policy or draw meaningful conclusions out of the password assessments?
Looking forward to your ideas,