In most cases, unless you are using a single sign-on solution, you will be using a username and password combination to log into Jira. So, you will want users to choose strong passwords that cannot be easily guessed. If your organization is already enforcing a password policy and centrally managing authentication, such as via LDAP, then all you have to do is integrate Jira with it and you are good to go. However, if this is not the case, Jira comes with the ability for you to set a password policy to make sure your users do not choose simple, guessable passwords. To set up a password policy for Jira, perform the following steps:

1. Browse to the Jira administration console
2. Select the System tab and then Password Policy
3. Choose from one of the available options, with the Custom option allowing you to specify your own requirements
4. Click the Update button to apply the policy

After you have applied your new password policy, existing user passwords will not be affected. However, if users try to change their own password, or if you are creating a new user account, Jira will make sure the password meets the requirements of the policy, and will display an error message if the requirements are not met: