You can set up different levels of password security using Freshservice for your agents and requesters. By default, any password must contain a minimum of 8 characters and must not contain the username. 


You can also opt for advanced settings and set up custom password policy like the password expiration time or the minimum password length. The more sensitive the data your agents/requesters have access to, the more stringent your password rules must be. Please note that you will not be able to set up password policies if your SSO is enabled.


Quick guide to setting up your password policy:


  • Login to your helpdesk as an administrator.
  • Go to Admin > Helpdesk Security.
  • Your login policy will be visible under Default Login Policy. To modify it click on the edit icon next to Default Login Policy
  • A new page will open. Under the Default Login Policy, you can choose between Freshworks login, Passwordless login, Google SSO and Singe-sign-on. You can use the radio buttons to activate or deactivate either of these options.Once you make the changes, hit Save.




What happens after the changes are made:


  • Any change you make in the password section will take 4-8 hours to be implemented.
  • If the changes are made to the agent password policy, 
    • the agents who are logged in will be prompted to change their passwords for an hour before the change is enforced, after which they will be logged out. They can login again after setting up a new password that complies with the policy changes.
    • the agents who are not logged in will be made to change their passwords the next time they try to log in.



  • If the changes are made to the requester password policy, requesters will be made to change the password the next time they try to log into your helpdesk. If the implementation of the password happens when they are logged in, they will be logged out.