As part of the High Availability deployment on Tableau Core Server an enterprise customer has requested the following feature. With a large user population this is a real pain point.
As at Tableau 7.0.7, there is no enforcement of password policy for locally authenticated user accounts. There are no admin controls to prevent a user setting a weak password, or to require a particular frequency of change.
Mechanisms to set, enforce and monitor adherence to password policy are required for locally authenticated accounts. The policy settings available should include minimum and maximum length; complexity (alpha / numeric / symbol); frequency of change (or cannot be changed by user); number of remembered previous passwords (that cannot be re-used). The settings should conform to actual or de facto industry standards. Monitoring should include the date and time of the last failed and successful attempts to change the password, the number of days until the next change is required, and a password strength indicator.
--> Community Manager update [@Ciara_Brennan]
Feature released in Tableau 2019.2