6 Replies Latest reply on Mar 18, 2017 1:32 AM by Anonymous

    Password Reset Policies

    Anonymous

      Given the highly regulated nature of businesses today, there is a business need to enable the account manager to force a change of passwords every 30/60/90 (dependent on the regulation).  Yes, you can manually force a change but from an auditing perspective, these lends itself to subjectivity vs. having defendable content that shows the requirement is enabled and enforced.  Will Google evaluate this beyond the Super-User level?

       

      Carter Schoenberg

        • Re: Password Reset Policies
          Anonymous

          Good morning,

           

          I have seen this as a requirement in many companies.  Google just does not offer that feature as part of the interface.  If you currently have the same password requirements and enforce them locally (through LDAP\AD or similar) then you may be able to use Google Cloud Password Sync to force those local password updates into the cloud. 

           

          If you do not have LDAP \ AD or similar in place, you may still be able to do this via Event in Windows, or a cronjob in Linux.  For this you could use tools such as Google Apps Manager, or if you have development staff on hand, directly through the APIs.

           

          There also may be third party marketplace applications that can do this for you, but they may have a cost associated with them.

          • Re: Password Reset Policies
            Anonymous

            Hi Carter Schoenberg:

             

            As Kevin said, this isn't built in natively, but I'm pretty sure I've seen it proposed in the Feature Ideas [Customers Only] section here.  You might find and up-vote that idea...

             

            Hope that helps,

             

            Ian

            • Re: Password Reset Policies
              Anonymous

              Hi,

               

              I think this is a very pertinent point. I myself face scrutiny from my auditors regarding our practices and password reset policy is unfortunately one of those classic items they pick on. It would make our jobs much smoother if Google Cloud can support this policy in some form, or at least figure out some way so that I do not have to manage one Microsoft AD policy and one GSuite policy. It's extra work and I have to spend extra effort justifying to auditors and management on our practices, much less to also have to manage users needing to ask more questions on password policy and reset.

               

              I think clearing this up would make a good step forward in Gsuite adoption and enterprise migrations.

                • Re: Password Reset Policies
                  Anonymous

                  If you already have an AD password policy in place, enforced, and working you can use that same policy for Google Apps.  Using Google Suite Password Sync every time a password change is done on the AD side, that password will be pushed up to Google Apps immediately.  This tool would need to be installed on every domain controller, and once configured would be seamless.

                   

                  You can also take advantage of the Password Reset URL in the SSO page to redirect users who request a password change to do it locally through their AD password reset procedure.  This page would be displayed to them when they attempted to change their password via the normal Google Password reset procedure. 

                   

                  This would allow you to maintain and control a single password policy using your current AD settings.

                   

                  Does that make sense?

                  • Re: Password Reset Policies
                    Anonymous

                    What do I need to do

                     

                     

                    On Mon, Mar 6, 2017 at 9:39 AM, Google Cloud Connect <

                    • Re: Password Reset Policies
                      Anonymous

                      I will give up my precent of my company in Google Cloud Platform for a

                      Google Pixel Phone and my reinstated Jacob@Google.com Email.

                       

                      Thank you,

                      Jacob Chassereau

                       

                      On Sat, Mar 18, 2017 at 4:03 AM, Jacob B Chassereau <jchasser@citadel.edu>