octa centralizes password management into a single easy-to-use password policy page from here administrators can easily set password requirements like minimum password length and age lockout settings like Max failed attempts and even password reset options admins also have the ability to apply these settings at a system-wide level or to assign different policies at a more granular level for businesses with complex security requirements across multiple teams these settings also apply to users authenticating and resetting passwords in octa or even to those who are authenticating and resetting passwords in Active Directory or LDAP via delegated authentication let's take a closer look at password reset management by configuring these settings for a group of executives at our company let's locate their password policy and scroll down to the account recovery settings from here let's configure how long password resets or unlock recovery emails are valid for considering my executives have more sensitive access let's require them to act upon the recovery email in a shorter time period about two hours next let's ensure that their password recovery question responses are nice and complex at least 10 characters then let's give them some additional ways to reset their passwords beyond just the traditional recovery email and security question flow by permitting SMS and voice calling on top of this it's also possible to further define the circumstances in which our executives are able to reset their passwords with rules to be even more secure let's only allow our execs to reset passwords when they're on corporate network you and that's it now let's take a look at the process of actually resetting our password nakta from the octa sign-in page users can simply choose need help signing in and then forgot password to kick off the reset flow from here users can simply enter in their email address and choose how they would like to reset the password by email by voice call in which octa calls a specified telephone number shares a six digit PIN for which you enter an octa or via email guard list of what you chose it will then be finally asked to answer a password reset security question that you first set up when you activated your account once complete that's it if your users are authenticating to octa their octave passwords now been reset if they're performing Dell off to ad or LDAP their ad or LDAP passwords have now also been reset as well