Password policy

cancel
Showing results for 
Search instead for 
Did you mean: 
spawn
Active Member

Password policy

In Alfresco 5.2, the user can change passwords. So far it is ok. But is there any way to force a password complexity? How min. 2 lowercase letters, 2 uppercase letters, 2 digits and a special character. I know there is a way in global-config.xml to force a min password length but no other stuff in that way. (i think Smiley Happy)

And finally:

I'd like to give the user a hint in case of the password policy does not met.

2 Replies
calvo
Senior Member

Re: Password policy

Unfortunatelly, I think it requires developments of extra functionalities.
Anyway, I'm not sure if there are addons/plugins that could achieve this option.

As you have said is possible to stablish the minimum length of user's passwords on "<web-extension>/share-config-custom.xml" file:

<config evaluator="string-compare" condition="Users">
   <users>
      <!-- minimum length for username and password -->
      <username-min-length>2</username-min-length>
      <password-min-length>3</password-min-length>
   </users>
</config>

I'll try any test using RegEx (regular expressions).

Another topic that deals with a related theme:

User password management rules 

angelborroy
Alfresco Employee

Re: Password policy

Diría que la única manera es añadir más validaciones para el campo en

https://github.com/Alfresco/share/blob/develop/share/src/main/webapp/components/console/users.js#L80...

Puedes sobreescribir o extender el fichero para añadir tus validaciones.

Hyland Developer Evangelist