vCenter Single Sign-On policies enforce the security rules for local accounts and tokens in general. You can view and edit the default vCenter Single Sign-On password policy, lockout policy, and token policy.
What to read next
Edit the vCenter Single Sign-On Password Policy vCenter Single Sign-On password policy determines the password format and password expiration. Password policy applies only to users in the vCenter Single Sign-On domain (vsphere.local). Edit the vCenter Single Sign-On Lockout Policy vCenter Single Sign-On lockout policy specifies when the user's vCenter Single Sign-On account is locked. Administrators can edit the lockout policy. Edit the vCenter Single Sign-On Token Policy vCenter Single Sign-On token policy specifies token properties such as the clock tolerance and renewal count. You can edit the token policy to ensure that the token specification conforms to security standards in your corporation. Edit Password Expiration Notification for Active Directory (Integrated Windows Authentication) Users vCenter Server SSO password expiration. The default password expiration notification for an Active Directory user is 30 days but the actual password expiration depends on your Active Directory system. The vSphere Client controls the expiration notification. You can change the default expiration notification to meet the security standards in your corporation.
