About group password policies
Group password policies enforce password settings on the group or authentication-provider level. Like the organization-wide password policy, group password policies let you configure SMS and voice call for self-serve password resets. Group password policies can be applied to Okta, Active Directory, and LDAP sourced users. LDAP group password policies also apply to all supported LDAP directory services. Many group password policy options are unavailable for Active Directory and LDAP users because other options are available to define and enforce password settings. Consider delegated authentication for Active Directory and LDAP sourced users.
- Group password policies must be enabled for your org. If your org hasn't enabled this feature, you can set up self-service password reset in your organization-wide password policy.
- Some orgs may use additional group password policy features to disable email as the default recovery method.