If you configured Zimbra Collaboration Server to use the Zimbra directory server for internal authentication, you can set password usage options. If you use external authentication, password options configured in COS or accounts are ignored.
You set up an account's initial password when creating the account. After that, users can change their passwords if Password Locked is not enabled. Passwords are stored in encrypted fashion in the directory server and they cannot be retrieved. If users forget their password, you must create a new password.
The password restrictions can be configured in the COS and in the Account. The attributes that can be set include:
Password length. Specifies the required length of a password. The default minimum and maximum are 6 and 64 characters, respectively
Password aging. Configures the password expiration date. Users can change their passwords at any time between the minimum and maximum. They must change it when the maximum password age is reached
Minimum upper case characters. Uppercase A - Z
Minimum lower case characters. Lowercase a - z
Minimum numeric characters. Base 10 digits 0-9
Minimum punctuation symbols. Non-alphanumeric, for example !, $, &, %, etc.
Enforce password history. Number of unique new passwords that a user must create before an old password can be used.
Password locked. If this box is checked, users cannot change their password. This should be set if authentication is external.
Must change password. This option is on the account General tab only. If this box is checked, users must change their passwords at first sign in. This feature is applicable only if the Zimbra directory server is used for authentication.
Enable failed log in lockout. When this is checked, you can set rules for how to handle an account if a password is invalid.
-------------------------------------------------------------------------------------------------------
Copyright @ 2005-2017 Synacor, Inc. All rights reserved. "Zimbra" is a registered trademark of Synacor, Inc.