Which policy type is used to define password settings at the group and authentication-provider level?

The policy type that is utilized to define password settings at both the group and authentication-provider level is the Password policy. This policy governs the specific rules and configurations regarding password requirements, such as complexity, expiration, and history. By setting these parameters, organizations can ensure that their password management adheres to security best practices and compliance regulations.

In the context of Okta, the Password policy allows administrators to tailor password settings for different user groups and specify unique requirements for various authentication providers. This flexibility is critical in managing diverse user environments where different groups may have varying needs concerning password security.

Multifactor policies focus on additional security measures beyond just passwords, while Application Sign-on and Okta Sign-on relate to broader authentication mechanisms and access mechanisms rather than the specific characteristics of passwords themselves. Thus, these options do not serve the primary function of defining password settings like the Password policy does.