Skip to main content

How to setup and use Password Rotation Policies

  • Updated

Overview

Password Rotation Policies in CyberQP enable Managed Service Providers (MSPs) to globally define admin and service account password rotation settings. These policies can be assigned to multiple customers, ensuring consistency and security across managed accounts without requiring individual configuration for each customer. Additionally, a rotation policy can be set as the default, automatically applying to new customers created in CyberQP.

 

Permissions: Super and Manager roles are able to manage password rotation policies on QGuard plan.

 

IMPORTANT: Please note that adding a customer to rotation policy will not start rotating their admin accounts, you will need to turn on the Auto-Rotate toggle on accounts that you want rotating. Policy will just contain the rotation settings for the accounts.

 

Setting Up a Password Rotation Policy

Step 1: Navigate to the 'Password Rotation' menu under Global Settings

  1. Log in to your CyberQP portal.

  2. Navigate to Settings > Password Rotations.

  3. Click New Policy to define a new rotation policy.

Step 2:Define Rotation Policy Settings

  1. Policy Name: Enter a descriptive name for the policy.

  2. Set as default rotation policy: You can mark ONE policy as default, so any new customer created in CyberQP will be automatically assigned this rotation policy

  3. Customers: Select which customers you want this policy to used with

  4. Admin Accounts: Define admin account rotation settings

  5. Service Accounts: Define service account rotation settings

  6. Click Save to apply the settings.


    NOTE:  Each customer can be assigned to only one rotation policy. If you need to apply admin and service rotation settings from different policies, this is not yet supported. We recommend managing these settings at the customer level instead.

Setting an existing policy as Default Rotation Policy

To ensure all new customers automatically receive a rotation policy:

  1. Navigate to Settings > Password Rotations.

  2. Locate the policy you want to set as default and Click edit

  3. Checkbox for Set as default password rotation policy

  4. Click Save to apply the settings

    Note: if another policy was set as default, this action will override that policy and will mark this new policy as default instead.


Managing Rotation Policy at Customer Level

You can view the rotation policy assigned to a customer via the 'Admin Rotation' settings at customer level for both admin and service accounts. Super and Manager roles can also remove an assigned policy via this modal.

You currently can not assign a new policy at the customer level, this has to be managed via the global password rotation settings page. 


 

Removing a Rotation Policy from a Customer (1 off)

In a situation where you need to define a rotation schedule that is different than the Policy (for example a Customer that has specific rotation schedule requirements that don't match an existing policy), you can do this by removing the Password Rotation Policy from the Password Rotation Settings and setting the rotation manually.  

This will also allow you to turn OFF rotation for a single customer by clearing the rotation schedule entirely.

  1. Find the Customer on the Main Dashboard
  2. Select Administrator Accounts from the side bar
  3. Click Admin Rotation in the lower left corner
  4. The current rotation Policy will be displayed
  5. Click Remove Customer from Policy
  6. A screen will be displayed showing an empty rotation configuration.
  7. Set the new desired rotation schedule as desired.


  8. Repeat this process for the Service Account Rotation

  9. If you want to TURN OFF rotation entirely, ONLY FOR THIS CUSTOMER , you can leave this with the blank configuration.


    NOTE: A customer that has the Rotation settings cleared/blank rotation schedule, the "Auto Rotate" toggles will be shown in a "lightened" state and a tooltip will be shown to advise that the Admin Rotation settings must be configured in order to allow you to proceed with Automatic Rotations again.



  10. Repeat this process to alter the Service Accounts Rotation

 

 

Troubleshooting Common Issues

  • Passwords not rotating as expected: Ensure customer is assigned to the policy and autorotate toggle is ON for the account. Please wait for the next rotation DateTime for rotation to occur. 

Related articles

Comments

0 comments

Please sign in to leave a comment.