Export Profile Password Policies

To demonstrate regulation compliance, admins must often report Salesforce profile settings, such as to show that all Salesforce users meet the minimum password requirements. Previously, you took screenshots of your profiles to document settings. Now you can reduce your compliance burden by using the Metadata API to export profile definitions for your auditors or to deploy them to another environment. This feature is new in both Lightning Experience and Salesforce Classic.

You can export these profile session settings.

  • How many minutes of inactivity elapse before a user’s authenticated session times out
  • Session security level required at log in
  • Whether a user must be logged out immediately when the session times out
  • Whether a user receives a warning when the session is about to expire

You can export these profile password policy settings.

  • Number of days until a password expires
  • Number of previous passwords to save to ensure that users reset their password to a new, unique password
  • Minimum password length
  • Type of characters required in a user’s password (alphanumeric, number, special characters, uppercase, or lowercase)
  • Whether an answer to a hint can contain the password
  • Whether a user can change a password more than once in a 24-hour period
  • Maximum invalid login attempts until the user is locked out
  • Lockout period duration
  • Whether answers to security questions are hidden when typed