1. What is the nature and description of the request?

The customer is requesting the implementation of advanced password management capabilities in Ansible Automation Platform to align with common security best practices and organizational compliance policies. These enhancements should provide administrators with greater control over user password behavior and lifecycle.

2. Why does the customer need this? (List the business requirements here)

To meet internal security policies and regulatory compliance standards, the customer requires more granular control over password management within AAP. The requested features aim to:

• Enforce secure password practices to prevent the reuse of default or previously used passwords.

• Reduce the risk of compromised accounts due to weak or repeated passwords.

3. How would you like to achieve this? (List the functional requirements here)

The customer is requesting the following enhancements:

1. Prevent Reuse of Default Passwords:

• • The product should not allow a user to change their password back to the default value assigned during account creation or reset.

1. Force Password Change:

• • Administrators should have the ability to force one or more users to change their passwords upon next login.

1. Prevent Frequent Password Changes:

• • Administrators should be able to enable a policy that restricts users from changing passwords too frequently (e.g., multiple changes within a short timeframe) to prevent bypassing reuse restrictions.

1. Prevent Password Reuse:

• • The system should support a configurable password history policy to prevent users from reusing a specified number of previous passwords.