Skip to main content
Skip table of contents

IDHUB Password Policies

IDHUB (Retarus Identity & Access Management solution) enforces a strict set of password policies to protect user accounts and prevent unauthorized access.

These policies are based on recognized security standards, including:

  • PCI DSS 4.x

  • NIST SP 800

In addition, IDHUB includes protections against brute-force attacks and suspicious login behavior.

Password policies

Your password must meet all of the following requirements:

  • Include a mix of upper-case letters, lower-case letters, numbers, and symbols.

  • Have a minimum length of 12 characters.

  • Must not include your username or email address.

  • Must not match any of your 30 most recently used passwords.

Password expiration

Passwords expire after 90 days. You will be prompted to change your password when it expires.

Account lockout and login issues

Repeated failed login attempts may result in a temporary account lock. This is a security measure to protect your account from brute-force attacks.

If you experience an account lockout or repeated login issues, contact your administrator or the Retarus Support Team for assistance.

Additional security with two-factor authentication

In addition to strong passwords, IDHUB provides two-factor authentication (2FA) to further secure your account. 2FA requires a one-time code generated by an authenticator app or browser extension in addition to your password.

For details on how to configure and manage 2FA, see Setting up Two-Factor Authentication (2FA).

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close