Passwords are keys to the Experience Portal system. They must be protected and strong. A strong password is one that is not easily guessed and is not listed in any dictionary. Protected and strong passwords are especially important for root and administrative-level passwords since they have no access restrictions. Passwords created during Experience Portal installation are checked for minimal characteristics as follows:

• Passwords must contain at least one alphabetic character and one digit.

• Passwords are case-sensitive and should contain a combination of upper and lower case letters.

• A password cannot contain the associated user name.

• Although you can determine the minimum password length, you must not use fewer than eight characters.

After installation, when you use the EPM to create additional user accounts, the minimal characteristics for passwords are enforced. However, administrators can customize the minimum password length. Password length can be between 4 to 256 characters. You should set this value to at least eight characters.

For security reasons, you should change your default password when you log on to Experience Portal for the first time. Password reset is not required on first logon in the following scenarios:

• If the password longevity is not checked at the time of adding a user.

• If the login options password longevity is set to 0.

To ensure that strong passwords are created, you should use a nonsensical combination of letters and digits when creating passwords.