Configuring a list of words that cannot be set as passwords

You can prevent users setting certain words as their passwords by configuring a blacklist of such words in Sage CRM:

1. Create an empty text file named Dictionary.txt.
2. Populate the file with the words you don't want users to set as their passwords.
   Each line in the file must contain one word only, for example:

   password
   qwerty
   dragon
   baseball
   football
   monkey

3. Save Dictionary.txt and copy it to the following location on your Sage CRM server: <Sage CRM installation folder>\WWWRoot.

   By default, Sage CRM is installed to %ProgramFiles(x86)%\Sage\CRM\CRM.

4. Click <My Profile> | Administration | Users | Security | Password Policies.
5. Select the following check boxes:
   • Check User Name
   • Strong User Name
6. Save your changes. Now users cannot set the words in Dictionary.txt as their passwords.

Consider the following:

• All words in Dictionary.txt are case-insensitive.
• Only the exact words added to Dictionary.txt cannot be set as passwords. For example, if Dictionary.txt contains the word baseball, a user can still set the words baseball1 or llabesab as their password.