Privia uses the Windows encryption service to store passwords in a non-reversible encrypted format keyed to the unique certificate of the Windows server. Passwords therefore cannot be recovered or examined by anyone, even someone with direct access to the server. If a password is forgotten, it should be reset to access the account.

The default password policy for a Privia server is:

Enforce password history: disabled

Minimum password length: 6 characters

Passwords must meet complexity requirements: enabled

  • Not contain the user's account name or parts of the user's full name that exceed two consecutive characters
  • Be at least six characters in length
  • Contain characters from three of the following four categories:
      • English uppercase characters (A through Z)
      • English lowercase characters (a through z)
      • Base 10 digits (0 through 9)
      • Non-alphabetic characters (for example, !, $, #, %)

Complexity requirements are enforced when passwords are changed or created.
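
The default policy above written as a pre-check, as an added example that is not Privia's code. It assumes the name rule compares case-insensitively against the whole account name and against each part of the full name (split on spaces and punctuation) when longer than two characters, and it counts any character that is not a letter or digit as non-alphabetic; all function names are illustrative.

```python
import re

MIN_LENGTH = 6            # "Minimum password length: 6 characters"
REQUIRED_CATEGORIES = 3   # three of the four character categories

# Assumption: the full name is split on these delimiters and only parts
# longer than two characters are checked.
_NAME_DELIMS = re.compile(r"[\s,.\-_#]+")


def name_tokens(account_name, full_name):
    """Lowercased strings the password must not contain."""
    tokens = set()
    if len(account_name) > 2:
        tokens.add(account_name.lower())
    for part in _NAME_DELIMS.split(full_name):
        if len(part) > 2:
            tokens.add(part.lower())
    return tokens


def category_count(password):
    """Number of the four character categories present in the password."""
    checks = (
        any("A" <= c <= "Z" for c in password),   # English uppercase
        any("a" <= c <= "z" for c in password),   # English lowercase
        any("0" <= c <= "9" for c in password),   # base 10 digits
        any(not c.isalnum() for c in password),   # assumption: any non-letter, non-digit
    )
    return sum(checks)


def policy_violations(password, account_name, full_name):
    """Return the violated rules; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too short")
    if category_count(password) < REQUIRED_CATEGORIES:
        problems.append("too few character categories")
    lowered = password.lower()
    hits = sorted(t for t in name_tokens(account_name, full_name) if t in lowered)
    if hits:
        problems.append("contains name: " + ", ".join(hits))
    return problems


if __name__ == "__main__":
    # Constructed sample user and candidate passwords.
    for pw in ("Ab1!", "alllowercase", "Jsmith2024!", "Tr4vel-Log", "xJoHnx9$"):
        print(pw, "->", policy_violations(pw, "jsmith", "John Q. Smith") or "ok")
```
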

The password policy for a server can only be changed by someone with direct access to the server. For Privia-hosted systems, this is done through the Privia customer support organization. For customers that host their own server, it is done through the customer's IT department that operates the server.

Changing the password policy requires a server reboot to take effect.