Skip to main content

How to configure and display password rules for users

This guide is an overview on how to configure and display password complexity rules for users. Users will see the password rules in real-time when they change their password.

Applies to

  • SecureAuth Identity Platform 24.04 or later

  • Applications created in the New Experience


The option to allow Inline Password Change in the Advanced Settings is not available for applications created in the New Experience. But you can still configure the password expiration settings in the Advanced Settings.


Create a password policy and attach it in an authentication policy.

Define a password policy

You will need to define a password policy with password complexity rules. If you want, you can add a deny list of keywords that can't be used as a password and include this list in the password policy.

See the following topics: Using a password policy in the Identity Platform and Using deny lists in the Identity Platform.

Attach password policy to the authentication policy

After you define a password policy, you attach it in an authentication policy on the Login Workflow tab.


When users change their password, they will see the password rules in real-time. This applies to applications connected to the authentication policy.