Security Policies - Password Policy | Admin Guide - Zoho One

Configure password policy

Passwords are the most commonly used authentication factor. Many users reuse the same, insecure password for all their online accounts, compromising their organization's security. To protect yourself from this common pitfall, make it mandatory for your users to create passwords that meet certain security standards.

 In the mobile application: 

For iOS devices:

  1. Open the Zoho One app on your mobile device.
  2. Tap in the bottom right, then tap Security Policies.
  3. Tap the required security policy, then tap Password Policy.
  4. If your enabling a password policy for the first time, tap the toggle bar to enable the password policy.
  5. If a password policy is already enabled, proceed to set the password preferences,
  6. Tap SAVE.
To disable a password policy:
  1. Open the Zoho One app on your mobile device.
  2. Tap in the bottom right, then tap Security Policies.
  3. Tap the required security policy, then tap Password Policy.
  4. Tap the toggle bar to disable the password policy.
  5. Tap SAVE.

For Android devices:

  1. Open the Zoho One app on your mobile device.
  2. Tap in the bottom-right corner, then tap Security Policies.
  3. Tap the required security policy.
    1. If you are enabling a password policy for the first time, check the box to enable it.
    2. If a password policy is already applied, tap .
  4. Set the password preferences, then tap .
  5. Tap Enable in the pop-up message that appears.
To disable a password policy:
  1. Open the Zoho One app on your mobile device.
  2. Tap in the bottom-right corner, then tap Security Policies.
  3. Tap the required security policy, then uncheck Password Policy.
  4. Tap Disable in the pop-up message that appears.

In the web application: 

  1. Sign in to Zoho One , then click Directory in the left menu.
  2. Go to Security, click Security Policies, then click on the policy you want to configure.
  3. Go to Password Policy, then click Setup.
  4. Select from the three preset Password Strengths or choose Custom.
  5. If you choose Custom, set:

    PASSWORD COMPLEXITY

    Minimum length for a Password

    The minimum number of characters the password must have.

    Mixed Password

    When this is enabled, users have to set passwords with both upper and lower case characters.

    Minimum special characters

    The number of special characters the password must have.

    Minimum numeric digits

    The number of numeric characters the password must have.

    PASSWORD AGE

    Maximum password age

    The number of days users can use a password for.

    Minimum password age

    The duration that users must use a password before resetting it.

    Refusal of Previously Used Passwords

    The number of most recent passwords that users can't reuse.


  6. Click Update Policy.
To remove a password policy:
  1. Sign in to Zoho One, then click Directory in the left menu.
  2. Go to Security, then click Security Policies.
  3. Click on the policy for which you want to remove the password.
  4. Go to Password Policy, then click Remove Password Policy.
    If a password policy is removed, the next policy having the top priority will be applied to the user. Check our help documentation to know more about policy priority
  5. Click Yes, Remove. The password policy will be removed and in order to enforce the newly prioritized user policy, you will need to reset all passwords.
    The maximum password age, minimum password age, and the refusal of previously used passwords will be effective immediately after the password priority is set and the older one is removed.