It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Login Sign Up Contact & Support

United States – English (GMT-5)

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Barracuda Cloud Control

Overview Documentation Materials

Email Protection

Total Email Protection

Email Gateway Defense (Email Security)

Impersonation Protection (Sentinel)

Cloud Archiving Service

Security Awareness Training (PhishLine)

Email Security Gateway

Domain Fraud Protection

Incident Response

Message Archiver

WAF-as-a-Service

Web Application Firewall

Cloud Security Guardian

Load Balancer ADC

Vulnerability Manager

Vulnerability Remediation Service

WAF Control Center

Active DDoS Prevention

CloudGen Firewall

CloudGen Access

Network Access Client

Firewall Insights

Web Security Gateway

Web Security Agent

Firewall Policy Manager

Cloud-to-Cloud Backup

RMM (Managed Workplace)

Managed Security Awareness Training (Managed Phishline)

Intronis Backup (ECHOplatform)

MSP Knowledge Base

Site Security Scanner

MSP – Partner Enablement

NextGen Firewall X

Server Backup (Yosemite)

Campus Help Center / Reference

Onboarding Portal

Network Security

Support Services

Login Sign Up Contact & Support

United States – English (GMT-5)

Password Complexity Policies

Last updated on 2024-04-23 14:45:22

Note

Note that password complexity policies described in this article apply to passwords created and stored within the Barracuda Cloud Control system.

These rules do not apply if your organization is using LDAP or Microsoft Entra ID authentication to store and administer Barracuda Cloud Control user accounts.

For your security, Barracuda Cloud Control enforces the following password complexity policies. Take the following information into account when creating or changing a Barracuda Cloud Control password.

Barracuda Cloud Control passwords must:

Contain a minimum of 8 characters
Contain a maximum of 72 characters
Not appear on Barracuda Networks' list of 10,000 most common passwords
Pass a complexity test that compares against criteria including:
- 30,000 common passwords
- Common names and surnames, according to U.S. census data
- Popular English words obtained from Wikipedia, U.S. television, and U.S. movies
- Common patterns, including
  - Dates
  - Repeats (aaa)
  - Sequences (abcd)
  - Keyboard patterns (qwerty uiop)
  - l33t speak (leet speak)

Barracuda Cloud Control password and lockout policies:

No minimum or maximum password age.
After 6 failed login attempts, the account will be locked out.
A locked-out account remains locked for 60 minutes the first time an account is locked.
No account password reset is required after the lockout duration of 60 minutes has passed.