Incorrect documentation around password policies (#19364)

closes #19363 Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com>
2023-03-29 05:09:40 -03:00 · 2023-03-29 05:09:40 -03:00 · 142bb30f66
parent 032ece9f7b
commit 142bb30f66
1 changed files with 5 additions and 3 deletions
--- a/docs/documentation/server_admin/topics/authentication/password-policies.adoc
+++ b/docs/documentation/server_admin/topics/authentication/password-policies.adoc
@ -15,10 +15,12 @@ When {project_name} creates a realm, it does not associate password policies wit
 Password policy
 image:images/password-policy.png[Password Policy]

-After saving the policy, {project_name} enforces the policy for new users and sets an Update Password action for existing users to ensure they change their password the next time they log in. For example:
+After saving the policy, {project_name} enforces the policy for new users.

-.Failed password policy
-image:images/failed-password-policy.png[Failed Password Policy]
+[NOTE]
+====
+The new policy will not be effective for existing users. Therefore, make sure that you set the password policy from the beginning of the realm creation or add "Update password" to existing users  or use "Expire password" to make sure that users update their passwords in next "N" days, which will actually adjust to new password policies.
+====

 ==== Password policy types