
Managing passwords

Frontegg allows you to define and enforce secure password policies across your platform. As an admin, you can manage password settings globally at the environment level, override them for specific accounts, and even assist individual users with password resets — all through the Frontegg portal.

These options can be configured globally at the environment level and overridden per account where stricter policies are required.

Each of the following features can be managed independently.


Password complexity

Define how strong user passwords must be. You can choose from preset levels or define custom rules.

Environment-level configuration

Go to [ENVIRONMENT] → Authentication → Password.

Choose one of the following levels:

  • Easy: Minimum of 6 characters, avoiding 3 recurring characters.
  • Medium: Minimum of 8 characters, including at least one uppercase letter, one lowercase letter, one number, and one special character, while avoiding 3 recurring characters.
  • Hard: Minimum of 10 characters, including at least one uppercase letter, one lowercase letter, one number, and one special character, while avoiding 3 recurring characters.
  • Custom: Define a specific length. To set a custom complexity, click Manage Custom, and set the required length.


Once your settings are configured, click Save to apply them.

Account-level override

Go to [ENVIRONMENT] → Accounts → <Account> → Security → Password → Manage.

You can override the password complexity at the account level using the same presets or a custom rule.
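The preset levels above can be mirrored locally, for example to check seeded or migrated test credentials against the level you selected before users hit the policy at login. This is an added example, not Frontegg code; the reading of "3 recurring characters" as one character three times in a row, the definition of a special character, the Custom level enforcing length only, and all function names are assumptions.

```javascript
// Added example, not Frontegg code. Assumptions: "3 recurring characters"
// means the same character three times in a row, and a "special character"
// is anything other than an ASCII letter or digit.
const PRESETS = {
  easy:   { minLength: 6,  requireClasses: false, forbidRuns: true },
  medium: { minLength: 8,  requireClasses: true,  forbidRuns: true },
  hard:   { minLength: 10, requireClasses: true,  forbidRuns: true },
};

// Custom level: the page mentions only a required length, so this
// hypothetical helper enforces nothing else.
function customPolicy(minLength) {
  return { minLength, requireClasses: false, forbidRuns: false };
}

// An account-level override, when set, replaces the environment-level policy.
function effectivePolicy(environmentPolicy, accountOverride) {
  return accountOverride ?? environmentPolicy;
}

// Returns the list of rules the password breaks (empty list = accepted).
function checkPassword(password, policy) {
  const failures = [];
  // Count code points so that an emoji is one character, not two.
  if (Array.from(password).length < policy.minLength) failures.push("too-short");
  if (policy.forbidRuns && /(.)\1\1/su.test(password)) {
    failures.push("recurring-characters");
  }
  if (policy.requireClasses) {
    if (!/[A-Z]/.test(password)) failures.push("no-uppercase");
    if (!/[a-z]/.test(password)) failures.push("no-lowercase");
    if (!/[0-9]/.test(password)) failures.push("no-number");
    if (!/[^A-Za-z0-9]/.test(password)) failures.push("no-special");
  }
  return failures;
}

// Constructed sample values, checked against each preset.
const samples = ["abc123", "aaabcd", "Abcdef1!", "Tr1ckier!pass"];
for (const name of Object.keys(PRESETS)) {
  for (const pw of samples) {
    const result = checkPassword(pw, PRESETS[name]);
    console.log(name, JSON.stringify(pw), result.length ? result.join(",") : "ok");
  }
}
```

The output shows what each level admits: `abc123` passes Easy, and `Abcdef1!` passes Medium but is too short for Hard.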


Password history

Prevent users from reusing previously used passwords by requiring a minimum number of unique passwords before reuse.

Environment-level configuration

Go to [ENVIRONMENT] → Authentication → Password.

Toggle Password History on, then define how many passwords must be used before a previous one can be reused.


Password expiration

Force users to reset their passwords periodically by setting an expiration interval.

Environment-level configuration

Go to [ENVIRONMENT] → Authentication → Password.

Toggle Password Expiration on and set the number of days after which a user’s password expires and must be renewed. You can also configure how many days before expiration a prompt should appear.


If needed, toggle Password Expiration Prompt on and set the number of days before expiration when users will be prompted to reset their password.


Prerequisites

@frontegg/react@7.6.3
@frontegg/angular@7.13.1
@frontegg/vue@4.6.1
@frontegg/js@7.62.0


Account-level override

Go to [ENVIRONMENT] → Accounts → <Account> → Security → Password → Manage. You can override the password expiration policy at the account level using the same options.


Password recovery

Frontegg enables end users to reset their password using either of the following methods:

  • A reset link sent to their email

  • A recovery code delivered via SMS



If the user has an updated email address or phone number in Frontegg, they can receive a login code or link through those contact methods and proceed to set a new password.

If the phone number is not yet verified, the user will receive a one-time code (OTC) to that number. Upon successful verification, the phone number will be marked as verified.




Prerequisites

@frontegg/react@7.10.3
@frontegg/angular@7.16.1
@frontegg/vue@4.9.1
@frontegg/js@7.79.0
@frontegg/nextjs@9.2.7

Trigger reset password for a user

If a user is unable to log in or requests support, you can manually send a reset password email directly from the User page.


Manual password reset

Sending a reset password email from the User page does not override expiration or policy settings. It is intended for support or recovery scenarios only.


Email verification

Require users to verify their email address before setting a password.

Environment-level configuration

Go to [ENVIRONMENT] → Authentication → Password and toggle Email Verification on to send a verification email during user sign-up.


Manual password reset

Admins can manually send a password reset email to a specific user for support or recovery.

  1. Go to [ENVIRONMENT] → Management → Users.
  2. Click on a user to open their profile.
  3. Click the Send email button in the Send a reset password email to the user section.


The user will receive an email with a secure link to set a new password.