Currently Jasperserver doesn't offer or enforce any password protection policy. This policy (is a set of guidelines) help keep important data safe from hackers by ensuring that only the right credentials can access it there are no security policies applied at user password.
Use unique passwords
Set minimum length and complexity
Check passwords
Implement multifactor authentication
Enforce user to change the password after first login
Also missing password expiration policy that requires users to change their passwords at regular intervals. The policy limits the amount of time an attacker has to compromise a user's password and gain access to network resources
Components | JasperReports Server, User/Role |