Blocking a few generic passwords for Gmail sign-in for users

Hello Team, 

 

As admins, we want our users to set passwords that spammers should not be able to guess, and hence we want to restrict our users from using a few passwords for their email accounts.

Currently there are no options for admins to perform these actions. It would be helpful if Google developed this for admins.


Hi VickyJ,

Google already prevents users from setting generic passwords like "password" or "123456". You can additionally require users to set a strong password with high entropy:

https://support.google.com/a/answer/139399?hl=en#zippy=%2Cwhat-makes-a-password-strong

 

Hey Team,

Currently Google only blocks weak passwords, like "123456" or "password123".

Considering the same for a domain example.com, there is a high chance users may use passwords like "example123" or "Example123", etc., which we (as admins) currently don't have access to restrict.

--
Thanks and Regards:
Vicky J
Webveer Automation and Services

Hi Vicky,

Understood. I believe Google does block some permutations of the user email address and name, but I have not tested this in some time. Beyond this, if you'd like stricter control of user passwords, you can configure the SAML SSO change password URL to point to a web service where users can set their password. The service would be responsible for confirming the password meets your organization's requirements and then pushing the password to Google using the Directory API.

Additionally, I'll add that while strong passwords are helpful in protecting users, even the strongest passwords can be stolen via phishing or key logging. I would encourage you to look at encouraging / enforcing two-step verification among your users in order to reduce successful attacks on your users.

https://support.google.com/a/answer/9176657?hl=en

Jay

Your concern about restricting users from using generic passwords for Gmail accounts is valid for enhancing security. While Google doesn't currently offer this feature for admins, there are proactive steps users can take.
Encouraging users to use a strong (URL Removed by Staff) can help create complex and unique passwords that are harder for spammers to guess.
Additionally, educating users about the importance of password security and recommending best practices, such as avoiding easily guessable passwords and regularly updating passwords, can further enhance account security.