Checking Password Validation
============================

Policy Server communicates with the Agent to collect check the strength of a
macOS password

#. Go to **Policy** in the top panel.
#. Go to **Policy > Node Policy > Agent Action** in the left Policy panel.
#. Find and click **Checking Password Validation** in the Agent Action window.

Under **General** section:

#. For **CWP Message**, add message to be displayed in accordance with the
   Policy.
#. For **Label**, add labels to help categorize your plugins with custom labels
   that appear in the "Description" field.
   
Under **Agent Actions** section:

#. For **Boolean Operator**, choose **AND** or **OR** to add optional
   conditions.
#. For **Settings**, click **Add** and select your optional conditions.
   **Criteria/Operator/Value**
   
Under **Plugin Settings:**

#. Select **On** or **Off** for:

   * **Display Account with Strong Password**: Specify whether to display an
     account with a strong password.
   * **Immovable Dialog Box** - Specify whether to lock Dialog Box in the
     center of the screen.

- The settings below may be defined for both **Logged On Users** and
  **Logged Off Users**.

#. For **Password Check Options**, select **None**, **Protection** (check for
   password), or **Strength** (Checks password against password policy. See:
   :doc:`../authentication/managing-users`)

   * For **Action**, select **Force Password Change** (Which will mandate a
     password to be added, or mandate a password is made compliant, depending on
     the main password check option chosen), or **Check Password Strength** (Can
     be selected to check password strength without additional action,
     regardless of the main password check option. See:
     :doc:`../authentication/managing-users`) .

#. For **Maximum Password Age**, Specify the period of time (*days - months*)
   that a password can be used before the system requires the user to change it
   Enter ``0`` to Disable.

   * For **Expiry Notification**, Specify the period of time that users are
     notified before password expiration (*days - months*).

#. For **Execution Interval**, adjust Periodic Interval. (*Seconds - hours*)
#. Click **Update.**
#. Go to **Node Policy** in the left Policy panel.
#. Click the **Default Policy** in Node Policy window.
#. Find **Agent Action**. Click **Assign.**
#. Find **Checking Password Validation** in the **Available** section. Select
   and drag it into the **Selected** section.
#. Click **Add.**
#. Click **Update.**