A password policy is a set of rules designed to enhance security by encouraging users to employ strong passwords. Another possible defense against password-guessing attacks is enabling an account-lockout, which means the account will be locked after a specified number of invalid or failed login attempts.

To configure a password policy in OpManager, go to Settings -> General Settings -> User Management -> Password Policy. You can configure the folllowing settings under OpManager's password policy.

• Minimum password length: Specify the minimum number of characters required in a password. It should be 5-25 characters.
• Enforce password history: Number of unique passwords that must be associated with a user account before re-using an old password.
• Password complexity:
  
  1. Minimum characters as specified above.
  2. Maximum 25 characters.
  3. Minimum 1 uppercase, 1 lowercase and 1 special character (! ~ @ # $ % ^ & + = _ *).
• Password should not be same as username: Enable this to option to prevent duplication of a username in the password.
• Forgot Password: Enable this option to have Forgot Password option in the login page.
• User Account Lockout Policy: The User Account Lockout setting allows the administrator to lockout accounts after a specified number of invalid login attempts. A locked out account cannot be used until reset by an administrator or until the account lockout duration has expired. For instance, if invalid credentials have been provided for over 5 times, the account will be locked out for 2 mins. This lockout interval and the number of bad login attempts can be configured.
• Maximum invalid login attempts: Specify the maximum invalid login attempts before an account gets locked out.
• Lockout period: Specify the lockout duration in minutes.

To know about how to authorize AD group users, click here.