Apigee Edge provides the following safeguards for securing global user passwords.
- Lockout after 5 failed attempts: After 5 failed login attempts, users are locked out for 120 seconds before they can try logging in again.
- Password expiration: There is no password expiration for non-PCI (Payment Card Industry) organizations. This is also the default in an Apigee Edge for Private Cloud installation. For PCI-enabled organizations, passwords expire after 90 days. No advance notifications are sent when passwords are close to expiring.
- Password reset: Global users can use the "Forgot Password" functionality on the Edge UI login page to reset their passwords.