Passwords are the first line of defense for most accounts, and it's essential to secure them with strong, unique passwords. We recommend that you define a strong password policy for your organization and require all users to follow the password constraints specified in it. You can allow your users to generate secure passwords for their accounts based on the organization's password policy. Access Password policy from the Password management section of the Settings tab, then do one of the following
• Enable a default policy
  
• Create a new policy
  

Enabling a default policy

You can enable any one of the three default policies defined in Zoho Vault.

1. Simple 
   This policy contains less restrictions, and should be used sparingly for storing test accounts and internal non-critical accounts. We do not recommend this policy for storing sensitive credentials. 
2. Moderate 
   This policy contains moderate restrictions that enforce users to have mixed case and numbers in their password. 
3. Strong (Recommended) 
   The strong password policy contains extensive restrictions on the minimum password length, and enforces users to create passwords that contain mixed characters, numerals, and special characters. 

1. Use Default Policy - When you choose this option, the password policy that is chosen as default will be applied to all passwords. However, choosing this option will not enforce the policy on users, and users will be able to add passwords of any length and complexity. Only the password generator will generate passwords based on the chosen default policy.
   
2. Allow Users to Select a Policy - Using this option, users can select and apply a desired password policy while creating the password. All passwords must comply with the password policy chosen by the user.
   
3. Enforce Default Policy - When you choose this option, the password policy chosen as default will be enforced for all users. New passwords created by the users will only be saved if they match the default password policy's complexity requirements. 
   

Note: By default, all these policies have a password validity of 60 days. Users will be alerted to recycle their passwords after this period. This is just an alert that helps users stay compliant with your organization's security policies. Their passwords will remain intact in Zoho Vault even after the validity expires. 

Here's a detailed list of all the constraints associated with the default policies:

Note: The default policies cannot be edited or deleted in Zoho Vault.

Creating a custom password policy

Create a password policy with your own constraints to match your company's security policies.

1. Select Password policy under the Password management section of the Settings tab, then click Add
   
2. Enter the policy name, and the minimum and maximum password length. Specify one of the following password constraints:
   
   

• Must start with a letter
  
• Must include mixed cases
  
• Must contain numbers or special characters
  
• Number of special characters required
  
• Characters that are not allowed
  
• Password validity
  

3. Click Save.