Subscribe

UiPath Orchestrator

The UiPath Orchestrator Guide

Configuring host security

Configuring security options


The settings you specify here are inherited by all organizations in your installation as default, but organization administrators can overwrite these settings as needed at the level of the individual organization.

To configure security options for your Orchestrator installation, in the Orchestrator host portal, go to Security Settings and, under Basic sign-in, click Edit password policy.
If you are still using the old Admin experience, go to Admin > Users > Authentication Settings instead.
The options that you can configure are described on this page.

Password complexity

📘

Editing the Password complexity settings does not affect existing passwords.

FieldDescription
Special charactersSelect to force users to include at least one special character in their password.
By default, this checkbox is not selected.
Lowercase charactersSelect to force users to include at least one lowercase character in their password.
By default, this checkbox is selected.
Uppercase charactersSelect to force users to include at least one uppercase character in their password.
By default, this checkbox is not selected.
DigitsSelect to force users to include at least one digit in their password.
By default, this checkbox is selected.
Minimum password lengthSpecify the minimum number of characters a password should contain.
By default, it is 8. The length cannot be smaller than 6 or greater than 14.
Days before password expirationSpecify the number of days for which the password is available. After this period, the password expires and needs to be changed.
The minimum accepted value is 0 (the password never expires), and the maximum is 120 days.
Number of times a password can be reusedThe minimum accepted value is 0 (never allow reusing a password), while the maximum is 10.
Change password on the first loginIf set to Required, users that log in for the first time must change their password before being allowed to access Automation Suite.
If set to Not required, users can log in and continue to use the admin-defined password until it expires.

Account lockout

FieldDescription
Enabled or Disabled toggleIf enabled, locks the account for a specific amount of seconds after a specific amount of failed login attempts. This also applies to the password change feature.
Account lockout durationThe number of seconds a user needs to wait before being allowed to log in again after exceeding the Consecutive login attempts before lockout.
The default value is 5 minutes. The minimum accepted value is 0 (no lockout duration), and the maximum is 2592000 (1 month).
Consecutive login attempts before lockoutThe number of failed login attempts allowed before the account is locked.
The default value is 10 attempts. You can set a value between 2 and 10.

Updated about a month ago


Configuring host security


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.