Documentation forWeb Help Desk
Important security updates are available for WHD. SolarWinds recommends you upgrade to version 12.8.3 Hotfix 3.

Password policy

The Web Help Desk (WHD) password policy requires all users to enter passwords that meet the policy requirements. WHD's default password requirements are enforced unless an administrator configures specific requirements for your organization.

Default password requirements

All passwords must be:

  • At least 12 characters
  • At least one uppercase character
  • At least one lowercase character
  • At least one number
  • At least one special character

If any password requirement is not met, a message displays on the screen.

The password policy rules apply when a new technician or client user account is created or when users change their password.

This rule also applies when you create the first technician or administrator user during the installation procedure and when a user creates a password using the Forgot Password link.

Configure password requirements specific to your organization

An administrator can modify minimum password length, password criteria, maximum number of invalid login attempts, and the password expiration can be modified to meet your organization's needs.

Configuration options

  • Minimum password length by the number of desired characters.

  • Password criteria:

    • Mixed capitalization must contain at least one uppercase and one lowercase letter

    • Mixed capitalization and numbers must contain at least one uppercase letter, one lowercase letter, and one number

    • Mixed capitalization, numbers, and special characters must contain at least one uppercase letter, one lowercase letter, one number, and one of the following special characters: !#$%-_=+<>&@

  • Maximum number of invalid login attempts to up to 10 attempts.

  • Password expiration to one of these options: never, ever month, every 3 months, every 6 months, and every 12 months.

Updates on the Authentication page

Three field updated in Authentication page:

  • Minimum Password Length
  • Password Expired
  • Password Complexity Requirement

Compliance with password policy

This rule also applies when you create the technician or administrator user during the installation procedure and when:

  • A user creates a password using the Reset Password Link for Client.
  • A user resets password by email.
  • At the time of a password update from the Client and Technician or via Update Profile.

By default, policy is added by an admin and is globally applicable for technician and Client.

Password validation errors

The errors below are can occur when there's an update to a technician or Client password field.