Password Settings

Check Point Portal enhances account security by enforcing password rotation and preventing password reuse. Only primary administrators can configure these settings. Passwords expire after the period defined in account settings (default: 180 days, options: 90, 365, or never expire).

Important: Password rotation is mandatory for users who log in with a username and password and do not use Multi-Factor Authentication (MFA Multifactor Authentication - an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence (or factors) to an authentication mechanism.). Primary administrators can also require password rotation for users who have MFA.

The Check Point Portal password policy includes:

• Password Rotation: Users must change their password when it expires. If a user logs in with an expired password, Check Point Portal prompts for a password reset.

• Password Reuse Restrictions: Check Point Portal blocks reuse of previous passwords for a configurable number of past passwords (default: 5, maximum: 15).

• Password Length Requirements: The default minimum password length is 15 characters. Account primary administrator can adjust this setting. Check Point Portal enforces password complexity requirements, which cannot be changed.

To configure password settings:

1. In the Check Point Portal, click > Identity & Access.

2. In the Password Settings section, configure:

   • Enforce password rotation after a certain number of days - Define how often users must update their passwords.

   • Prevent reuse of recent passwords - Specify how many previous passwords to block.

   • Enforce minimum password length - Set the minimum number of characters.

Notes: Password reuse is prevented only after enabling the option. Older passwords cannot be tracked.

To change your password, see Changing Your Password.