Monday, November 23, 2015

The password strength requirements for Hosted Email and Hosted Exchange are changing. On January 6, 2016, the Control Panel and Webmail interfaces will begin enforcing new rules when setting or changing a password. The password rules will now be consistent for both Hosted Email and Hosted Exchange. The new password strength requirements are:
  • Must be at least 8 characters long
  • Must contain 3 of the following:
  • Uppercase letter
  • Lowercase letter
  • Number
  • Special character or space
On January 20, 2016, all Email API's will be updated to validate new or changed end user passwords according to the new rules. If you use the Administrative APIs, this change may require you to update your integration code. Also, if you use the Directory Sync utility, you may need to adjust your password policy. After January 20th, when attempting to set a password that doesn't match these new requirements, an error response will be triggered from the API. You can - and should - update your code to respect the new requirements now. Please refer to the REST or SOAP documentation for error code specifics. This change will not force any existing users to change their password, regardless of the strength of that password. For that reason, we recommend periodically changing email passwords. If you have any additional questions, please contact your support team.

« Back