Published on November 1, 2020.
One of the many responsibilities of a NetSuite Administrator is to configure an instance's password policy. It's easy enough to do, but also something that is easy to overlook.
To configure an instance's password policy, navigate to: Setup > Company > General Preferences
There are a lot of settings on the General Preferences form, but only three of them are relevant to the instance's password policy: Password Policy, Minimum Password Length, and Password Expiration In Days. Let's take a look at those settings.
There are three password policy options: Weak, Medium, and Strong.
When the Password Policy is set to Weak, the only requirement for passwords is that they are at least 6 characters long. It doesn't matter what a password consists of. For obvious reasons, this option is not recommended.
The Medium option increases the length requirement to 8 characters, and also requires that passwords consist of at least two character types. The character types are upper case letters, lower case letters, non-alphanumeric ASCII characters, and numbers.
With the Strong option, passwords must be at least 10 characters long, and must consist of at least three of the four character types. This is the default Password Policy for new instances.
While the Password Policy determines the minimum length of passwords, you can use the Minimum Password Length to require longer passwords.
It's also possible to require that users update their passwords periodically. By default, that's 180 days. But you can use this setting to adjust the frequency, and extend it as far out as 365 days.
Hello, I’m Tim Dietrich. I design and build custom software for businesses running on NetSuite — from mobile apps and Web portals to Web APIs and integrations.
I’ve created several widely used open-source solutions for the NetSuite community, including the SuiteQL Query Tool and SuiteAPI, which help developers and businesses get more out of their systems.
I’m also the founder of SuiteStep, a NetSuite development studio focused on pushing the boundaries of what’s possible on the platform. Through SuiteStep, I deliver custom software and AI-driven solutions that make NetSuite more powerful, accessible, and future-ready.
Copyright © 2025 Tim Dietrich.