To create a new password policy

If you are not already in the Password Policies interaction, click on Policies in the Web UI top menu. The Password Policies interaction is displayed.
In the Policies interaction, click on the Create button to display the Create Password Policy interaction.
Enter all the settings for the new password policy as follows:

Name - The name the policy will be referred to by in the SecureControl system
Description - A meaningful description of the Password Policy
Minimum number of characters in password - An integer that defines the minimum number of characters required for passwords. This value must be less than or equal to the "Maximum number of characters in password" parameter.
Maximum number of characters in password - An integer that defines the maximum number of characters allowed in passwords. This value must be greater than or equal to the "Minimum number of characters in password" parameter.
Number of past passwords to exclude - SecureControl archives 25 past passwords for each user. This field can take values between 0 and 25.
Files containing excluded passwords - If a User enters a password contained in this file, the system rejects it and asks for another password. A filename must be present in this field.

SecureControl includes two excluded password files, called words.txt and empty.txt . The first one contains a list of words to exclude as passwords and the second is empty for you to add your own list of words. To add a new list of excluded words, edit the empty.txt file or create a file of the same format and place it in the root directory where the server is installed.

List of excluded characters - A list of characters that cannot be used in passwords.
Maximum password lifetime - The default lifetime of a password for a User owned by the Administrative Group. This value must be entered in the following format: an integer followed by a single letter that stands for time increment desired. Use d for days, h for hours, m for minutes, and s for seconds. For example, to say the maximum lifetime of the password is 60 days, you enter 60 d.

Since Password Policy is set according to Administrative Group, and all Users in a Administrative Group share the same policy, you may need to override the "Maximum password lifetime" parameter for an individual user. To do this, you can change the (password) expiration date in the Create/Modify User screen in the Users interaction.

Require at least one non-alphabetic character - If this box is checked, Users must include at least one non-alphabetic character in their passwords.
Default password policy - The default Password Policy is the Password Policy associated with newly created Administrative Groups. This check box lets you specify the policy being created (or edited) as that default Password Policy. One and only one of the Password Policies in the SecureControl system can be the Default Password Policy. If this checkbox is selected, the newly created password policy will be specified as the new default and the old default will no longer be the default.

Click on the Save button to save the new policy and re-display the ClearTrust Policies interaction. The new Policy will now be listed. (Or click on Cancel to return to the Policies interaction without changing anything).