How to Set a Password Policy for Your Nextcloud Account
Nextcloud is one of the best cloud server options on the market. After you set it up and get it running, you'll find you can do virtually anything on this platform. However, there are some things you should do as soon as you have Nextcloud installed.
For example, you should immediately set up your ideal password policies. Fortunately, Nextcloud has this feature integrated, so there's no need to add any third-party software.
Why do I need to do this?
If left to their own devices, most users will opt to go with basic and easy to predict passwords like "password" or "12345" etc. These passwords are easy to guess and will easily be hacked if a malicious third party decides to invade your account.
So here's how to set up a good password policy for Nextcloud.
How to enable the Password Policy
- Log into your Nextcloud instance as an administrator.
- Click on your profile image in the upper right corner and then select Settings.
- In the newly-opened window, press Security in the left pane.
- Scroll down to the Password Policy entry and ensure that "Forbid Common Passwords" is enabled. This option will make sure you don't use common and easily predictable passwords like the ones I mentioned above.
You should also turn on the following features:
Enforce Upper And Lower Case Characters
Enforce Numeric Characters
If you really want to make sure your Nextcloud cloud server is as secure as possible, I would suggest toggling on every option in the Password Policy section. Some users might find it somewhat tedious, but security has no price, right?
There is a big BUT incoming, however. If you already have people using your Nextcloud instance, and you modify the password policy configuration, the old user passwords will still work as if nothing had been changed. Put simply, the new password policy will only apply to new Nextcloud users. To deal with this there are two things you can do. You can make sure to set up your desired password policy as fast and make sure you send the word out to current users to manually update their passwords according to the policy after you set up the password policy.
This is how Nextcloud users can change their passwords:
- Select the profile image in the upper right corner.
- Press on Settings.
- Click Security in the sidebar.
- Enter and verify the new password under Password.
- Select Change Password.