Advanced Password Policy Manager for Jira


Advanced Password policy manager for Jira app, gives the ability to configure password policies for users in JIRA and JSM. Here, we will go through a guide to configure password policy in Jira. By the end of the guide, You will be able to set password policy using regular expressions, password expiry time, password expiry notifications, and lock users on failed login attempts.

Pre-requisites

To configure Adanced password policy manager plugin, you need the following items:

  • Jira should be installed and configured.
  • Admin credentials are set up in Jira.
  • Valid Jira Server or Data center Licence.

Download And Installation



  • Log into your Jira instance as an admin.
  • Navigate to the settings menu and Click Manage Apps.
  • Click Find new apps or find new add-ons from the left-hand side of the page.
  • Locate Advanced password policy manager for JIRA via search.
  • Click Try free to begin a new trial or buy now to purchase a license for Advanced password policy manager for Jira.
  • Enter your information and click Generate license when redirected to MyAtlassian.
  • Click Apply license.
  • miniOrange Password policy, Install Jira Add-On through manage apps menu

 Configure Password policy Configure Password policy:

  • Go to the Policies section of the plugin.
  • Admin can see 4 types of policy.
  • Basic Policy, Moderate policy, Strong Policy, and new policy where you can customize your policy.
  • Click on the '+' icon and get started with your first policy. Or you can also click on any of 4 policy options provided
  • miniOrange Password policy, Install Jira Add-On through manage apps menu

    Policy Regex & Regex requirement:

    • Set a regex for your policy. All the password conditions depend on added regex.
    • You can configure a set of rules using the regular expression (regex) that should be followed by the user while setting/updating their passwords.
    • For eg.  ^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{8,}$ regex represents that the passwords should contain:
    • 1. At least one upper case Alphabet.
      2. At least one lowercase Alphabet.
      3. At least one digit.
      4. At least one special character.
      5. Minimum eight characters required.

    • Use the  Password complexity requirement message or  Regex requirement Message to show the password requirement message to the user.
    • As we provide 4 types of password policies, each has a different type of regex condition and regex requirement message.

      1. Basic Policy has default regex - [^ ]{8,} and requirement message - Minimum 8 characters required.

      2. Moderate Policy has default regex - ^.*(?=.{8,})(?=.*\d)(?=.*[a-zA-Z]).*$ and requirement message - Minimum 8 characters with at least 1 digit and 1 alphabet.

      3. Strong Policy has default regex - ^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%^&*-]).{10,}$ and requirement message - Minimum 10 characters with at least 1 digit, 1 uppercase alphabet, 1 lowercase alphabet, and 1 special character.

      4. In the New Policy/ Default Policy admin can set their own regex and own requirement message.

      miniOrange Password policy, Install Jira Add-On through manage apps menu
    • Click on the “Test Your Policy“ button to verify your configured regex. You can also check which type of passwords will match with the selected policy.
    • You can edit the policy name and its description to identify the configured policy.
    • miniOrange Password policy, Install Jira Add-On through manage apps menu

    Configure Policy User:

    • You can set the current policy for Jira/ Jira service management or for both at the same time.
    • Use the “Enable for Jira admins“ option to apply the selected policy for Jira admins.
    • Add groups to the groups option to enable the policy for the selected users.
    • The policy will be applied to users added to the user's option irrespective of their groups.
    • miniOrange Password policy, Install Jira Add-On through manage apps menu

    Lock user / Password expire:

    • Enter the number of allowed failed login attempts. The user account will be locked if the login attempts exceed the allowed attempts.
    • Set this value to 0 to disable this feature.
    • Enter the number of days the user's password will stay valid. The user has to reset their password after the password is expired.
    • Set this value to 0 to disable this feature.
    • If enabled, the user after the maximum allowed failed login attempts gets locked.
    • If disabled, admin can set waiting time for the user. After completion of lockout period user can log in again.
    • miniOrange Password policy, Install Jira Add-On through manage apps menu

    Password Notification:

    • An email notification will be sent to users added to a policy when their passwords expire if enabled.
    • As soon as the maximum number of failed login attempts is reached, Jira will send a notification notifying the user that their account is locked.
    • miniOrange Password policy, Install Jira Add-On through manage apps menu

 Configure Password policy User Management:

  • With the search filter admin can check a user account status and password expiry time.
  • Admin can select an action like “Lock / Unlock” user to lock or unlock a user.
  • miniOrange Password policy, Install Jira Add-On through manage apps menu

 Configure Password policy Email Template:

  • If Reset password notification is enabled for any policy, with this feature system will send email notification to users to reset the password in allowed time.
  • Admin can also notify users with number of days left for password expiration.
  • Admin can use provided default template or modified template to remind users to reset password.
  • Admin can use provided default template or modified template to notify user lock status.
  • miniOrange Password policy, Install Jira Add-On through manage apps menu

Recommended Add-Ons




Free Trial

If you don't find what you are looking for, please contact us at support-atlassian@miniorange.atlassian.net or raise a support ticket here.