
nhmer (nhmer) asked a question.
Team,
Earlier, my customer was using the default password policy, and now we are creating a customer-specific password policy. But the default password policy was consumed by all the end users who are in the system. I know that I can create the new policy, and whoever creates a new account in Okta will fall under the newly created password policy. But is there any way that I can force all users who were created earlier, and who are not aligned with the new policy, to reset their password to align with the new password policy when they access the Okta end user interface?

Hi Rajiv!
A default policy is automatically created for each type of policy. This ensures that there is always a policy to apply to a user in all situations. Default policies are required and can't be deleted. They are always the last policy in the priority order, and any added policies of the same type have higher priority. Default policies also always have one default rule that can't be deleted, and that rule is always the last rule in the priority order. When you add rules to the default policy, they have a higher priority than the default rule, and, taking into consideration that all the rules will refer to the same group, the higher one will be the one affecting the users.
For more details, please review the documentation below, and if you would like to have a discussion on the subject, open a ticket with Okta support:
https://support.okta.com/help/s/article/Creating-a-Password-Policy
https://help.okta.com/en/prod/Content/Topics/Security/policies/about-password-policies.htm