Application Launcher

Cloud Platform enforces a security policy for passwords used to access the Cloud Platform user interface. This security policy determines how strong (resistant to guessing) user’s passwords must be.

The password strength policy applies only to the Cloud Platform user interface, and doesn’t apply to your Drupal websites.

Note

For password security policies in Site Factory, see Minimum password strength.

Password requirements on Cloud Platform

Cloud Platform applies several rules to test a password’s strength, based on the entropy (randomness) of the sequences in the password. All passwords used for accessing the Cloud Platform user interface must meet the following criteria:

Is at least 12 characters in length.
Has at least one capital letter.
Has at least one lower case letter.
Has at least one special character.
Has no parts of the email.
Has no parts of first name.
Has no parts of last name.
Is not any of the user’s previous 24 passwords.
Does not match with the list of most commonly used passwords.

Note

In the unlikely event that your account is hacked because of a weak password, the system sends you an email notification indicating that a new, unrecognized device has signed in to your account.

Testing password security when changing passwords

As you type a new password, the Acquia password policy system tests and reports the password’s strength. If you try to create a password that doesn’t meet Acquia’s password strength requirements, Cloud Platform displays an error message describing why the password strength is insufficient.

Protecting against brute-force attacks

The Cloud Platform user interface protects you from brute-force attacks by the following policies limiting the total number of sign-in attempts:

After three failed sign-in attempts during a 30 minute timeframe from a single user and IP address, Cloud Platform blocks the user name (email) and IP address combination from signing in for 30 minutes.

Note

If your account is locked due to multiple failed sign-in attempts, you can unlock your account to by pass the 30 minutes window. For more information, visit Unlocking your account.

The password strength policy applies only to the Cloud Platform user interface, and doesn’t apply to your Drupal websites.

Note

For password security policies in Site Factory, see Minimum password strength.

Password requirements on Cloud Platform

Is at least 12 characters in length.
Has at least one capital letter.
Has at least one lower case letter.
Has at least one special character.
Has no parts of the email.
Has no parts of first name.
Has no parts of last name.
Is not any of the user’s previous 24 passwords.
Does not match with the list of most commonly used passwords.

Note

In the unlikely event that your account is hacked because of a weak password, the system sends you an email notification indicating that a new, unrecognized device has signed in to your account.

Testing password security when changing passwords

Protecting against brute-force attacks

The Cloud Platform user interface protects you from brute-force attacks by the following policies limiting the total number of sign-in attempts:

After three failed sign-in attempts during a 30 minute timeframe from a single user and IP address, Cloud Platform blocks the user name (email) and IP address combination from signing in for 30 minutes.

Note

If your account is locked due to multiple failed sign-in attempts, you can unlock your account to by pass the 30 minutes window. For more information, visit Unlocking your account.

The password strength policy applies only to the Cloud Platform user interface, and doesn’t apply to your Drupal websites.

Note

For password security policies in Site Factory, see Minimum password strength.

Password requirements on Cloud Platform

Is at least 12 characters in length.
Has at least one capital letter.
Has at least one lower case letter.
Has at least one special character.
Has no parts of the email.
Has no parts of first name.
Has no parts of last name.
Is not any of the user’s previous 24 passwords.
Does not match with the list of most commonly used passwords.

Note

In the unlikely event that your account is hacked because of a weak password, the system sends you an email notification indicating that a new, unrecognized device has signed in to your account.

Testing password security when changing passwords

Protecting against brute-force attacks

The Cloud Platform user interface protects you from brute-force attacks by the following policies limiting the total number of sign-in attempts:

After three failed sign-in attempts during a 30 minute timeframe from a single user and IP address, Cloud Platform blocks the user name (email) and IP address combination from signing in for 30 minutes.

Note

If your account is locked due to multiple failed sign-in attempts, you can unlock your account to by pass the 30 minutes window. For more information, visit Unlocking your account.

Password requirements on Cloud Platform

Testing password security when changing passwords

Protecting against brute-force attacks

Password requirements on Cloud Platform

Testing password security when changing passwords

Protecting against brute-force attacks

Password requirements on Cloud Platform

Testing password security when changing passwords

Protecting against brute-force attacks

Did not find what you were looking for?

Did not find what you were looking for?

Password strength in Cloud Platform

Password requirements on Cloud Platform

Testing password security when changing passwords

Protecting against brute-force attacks

Password strength in Cloud Platform

Password requirements on Cloud Platform

Testing password security when changing passwords

Protecting against brute-force attacks

Password strength in Cloud Platform

Password requirements on Cloud Platform

Testing password security when changing passwords

Protecting against brute-force attacks

Did not find what you were looking for?

Did not find what you were looking for?