Security and passwords are paramount in this day and age, especially in corporate environments. New G Suite password options allow admins to enforce policies like stronger logins that have to be changed every so often and cannot be reused.
While security keys provide a second line of defense, good password hygine is still important. Enterprise administrators of Gmail, Google Drive, and other services can already specify a minimum and maximum length for passwords. Building on that policy is the ability to determine how soon those rules go into effect with “Password strength and length enforcement.”
You can choose to enforce password length and strength requirements either the next time a user changes their password or the next time they log in. The default is to start enforcement the next time a user changes their password.
G Suite can tell admins if passwords belonging to managed users are considered weak. The new “Enforce strong password” option will prevent you from creating one that is easily guessed.
Meanwhile, a “Password expiration” can now be set so that users are required to change their login every so often. Options range from 30, 60, 90, and 180 days, as well as one year. However, the default is “never expires,” given that it is an inconvenience.
A related “Password reuse” control allows admins to stop users from selecting a password that they already used with the organization. This prevents reusing existing one that might already be compromised.
These new G Suite password options are available in the Admin console under Security > Password management. The existing password length setting is also being consolidated into this new section.