Introducing Custom Password Policies: Flexible security with Password Rules based on Users and Roles

karthicksriv
JumpCloud Employee

Hello All,

We are pleased to announce the GA release of the “Custom Password Policies by User Groups” feature. With this, admins can now create tailored password requirements for different users within the organization instead of a one-size-fits-all rule. Now’s the time to take control of your organization’s password security with flexibility.

The Problem – Why Traditional Global Password Policies Fail

  • Inflexibility – One-size-fits-all policy for all users ignores different security needs.
  • Compliance Challenges – Industry regulations demand different levels of security based on roles or membership groups.
  • Increased Risk Exposure – Sensitive data may not be fully protected under a generic policy.

The Solution – Custom Password Policies for Granular Control

  • Tailored Complexity Requirements – Set different password rules based on user roles and risks.
  • Compliance adherence – Align policies with compliance and security standards.
  • Flexible Policy Precedence – Choose which policy is enforced for users who belong to User Groups under multiple policies.
  • Seamless Default Policy – Maintain a secure baseline while allowing necessary flexibility via custom password policies.
  • Custom password policy for Users with admin roles – Admin accounts created or assigned roles from existing users can be placed in a separate User Group that is assigned a custom password policy, to strengthen password complexity requirements more effectively. (Note: this won't apply to standalone admins, only to admins created or edited from users as described in the documentation: https://jumpcloud.com/support/secure-admin-portal-logins#assigning-an-admin-role-to-a-user)

Getting Started

As an “Administrator with Billing”, access the new “Password Policies” menu item under “Security Management”.

Review your Default Policy:

You can already see there is a Default Policy present. This default policy represents the password management settings currently managed by the Organization under “Settings -> Security -> Password Settings”

Configuration Experience:

Adding a new Custom Password Policy:

  1. Click on “+New” to create a new custom password policy
  2. Enter the details
    1. Name
    2. Description
  3. Under Assignments, select the User Group(s) to which the policy will apply
  4. Configure the Password settings as appropriate
  5. Save
  6. Once saved, the new custom policy will be shown and the admins can view the properties of the policy as well without needing to drill down.

Note: Custom policies will take effect on configured User Group(s) on the next password change.

Customizing the Policy Precedence for overlapping policies

An organization may have more than one policy whose User Groups share some of the same users.

For example, let's say we have 2 policies created as below:

Policy 1 - Group 1 - 10 characters

Policy 2 - Group 2 - 14 characters

Let us say there is a user “Sean” in both Group 1 and Group 2.

By default, the policy highest in the precedence order is applied to users whose User Group(s) match the policy. This means Policy 1 will be applied to Sean, and a password length requirement of 10 characters will be enforced, as it is the first matching policy.

But if admins want Policy 2, with its 14-character requirement, enforced for Sean, they can use “Edit Policy Precedence” to re-order the policies so that the right one is enforced for the overlapping user. While editing policy precedence, admins can drag Policy 2 before Policy 1 and save it. Policy 2 will then be enforced for Sean, who must comply with the 14-character requirement during his next password change.

How to create a User Group with Users who have Administrator roles and assign to a custom password policy

To create admin roles from Users, please follow the steps as in the documentation https://jumpcloud.com/support/secure-admin-portal-logins#assigning-an-admin-role-to-a-user 

Once you create or edit an existing standalone admin account and assign the role to an existing user, you can create a user group by leveraging filters within the User Group.

1. Navigate to User Groups and then click on “Filter By” in the search section.

2. Scroll down to the filter that says “Admin Role: (Select One)”.

3. You can now create a single group with all admin types using “ALL” if you want one password policy for all privileged admin roles, or create multiple user groups, one per admin role type, if you want different password policies for each admin type.

Once you have created this group, you can use it in the custom password policy under assignments.

For more details on Password policies, refer to the official documentation here

#FlexibleSecurity, #CustomPasswordPolicy, #PasswordPolicyByRoles
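
The first-match precedence described under “Customizing the Policy Precedence for overlapping policies”, as an added example (not JumpCloud code and not part of the original post): a small Python model that resolves each user's effective policy and flags users for whom a stricter matching policy is shadowed by a higher-ranked one. The `Policy` class, the function names, the users other than Sean, the Default Policy's length of 8 and the fall-back to the Default Policy for unmatched users are assumptions, and only minimum length is compared.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Policy:
    name: str
    groups: frozenset   # User Groups the policy is assigned to
    min_length: int     # the only password setting modelled here

def effective_policy(user_groups, ordered, default):
    """Return the first policy, in precedence order, matching any of the user's groups."""
    for policy in ordered:
        if policy.groups & user_groups:
            return policy
    return default  # assumption: unmatched users keep the Default Policy

def shadowed_stronger(users, ordered, default):
    """Map user -> (enforced policy, stricter matching policy that never applies)."""
    findings = {}
    for user, groups in users.items():
        enforced = effective_policy(groups, ordered, default)
        matching = [p for p in ordered if p.groups & groups]
        strictest = max(matching, key=lambda p: p.min_length, default=enforced)
        if strictest.min_length > enforced.min_length:
            findings[user] = (enforced.name, strictest.name)
    return findings

# Policies from the post; DEFAULT's length of 8 is a constructed value.
P1 = Policy("Policy 1", frozenset({"Group 1"}), 10)
P2 = Policy("Policy 2", frozenset({"Group 2"}), 14)
DEFAULT = Policy("Default Policy", frozenset(), 8)

# Sean is from the post; the other users are constructed sample data.
USERS = {
    "Sean": frozenset({"Group 1", "Group 2"}),
    "Alex": frozenset({"Group 2"}),
    "Pat": frozenset(),
}

if __name__ == "__main__":
    # Compare the default order with the re-ordered precedence from the post.
    for order in ([P1, P2], [P2, P1]):
        names = [p.name for p in order]
        print(names, "->", shadowed_stronger(USERS, order, DEFAULT))
```

Running the audit against an export of group memberships before and after a precedence change shows which overlapping users end up on the weaker policy.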
