Enabling password expiration for the first time

Matt Velthoen February 24, 2022

Our org finally has the need to enable password expiration after 90 days on our Atlassian Cloud account.  That's easy enough, but I haven't seen any solid answers about what to expect once that's enabled, aside from one question posted years ago.

  • Will all passwords suddenly expire since they're all well over 90 days old?
  • Will a counter start today and expire them all 90 days from now?
  • Will nothing happen at all except for new users added after the setting is enabled?

The aforementioned old question had a response that nothing would happen unless the admin clicks the "Reset Passwords" button.  I was about to give it a shot and received a vague warning:

We'll apply updates next time members log in. We recommend letting your members know about updates they need to be aware of.

That's not super helpful.  Can anyone tell me with confidence what will happen here?  I want to send out a message to the userbase letting them know what to expect and don't want a bunch of angry developers coming after me!

Thanks in advance.

2 answers

1 accepted

0 votes
Answer accepted
Benjamin
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
February 27, 2022

Hi @Matt Velthoen,

If you don't get an answer, you can test the policy on a small set of users by using a second test policy. This is usually the best practice to test out new policy settings before deploying them widely. In addition, it makes sure everything is working as it should with no unforeseen bugs.

Usually, password management doesn't start the day the policy is set, so it will check against all the passwords that are over 90 days old on the user management base.

Thanks,

Ben

Matt Velthoen February 28, 2022

Thanks for the response!  Unfortunately, I can't add any additional policies since we don't have the Atlassian Access subscription.

Regarding your last statement, my take-away is that once I set the expiration policy, any password that is already 90+ days old will expire, correct?

I wasn't sure if those dates were actually recorded prior to enabling this setting.

0 votes
Matt Velthoen February 28, 2022

It turns out that yes, old passwords had to be reset on next login.  However, this was not consistent for my team.  Two of us had reset our passwords recently (within the last month) for other reasons.

I enabled the new expiration policy, then immediately logged out and was prompted to request a password reset when logging back in.  My colleague was not prompted to do this and he got back in with his current password.

Hope this helps anyone facing this question going forward.  If you need to communicate to your users, let them know that if their passwords are currently over 90 days old, they will be presented with a button on next login (or maybe whenever their session expires) that will send a password reset email.  Follow the link in the email and create a new password that complies with the rest of the policy.

Benjamin
Community Leader
February 28, 2022

Awesome. Thanks @Matt Velthoen for sharing your findings with the community.
