<div dir="ltr"><br><div class="gmail_extra"><br><div class="gmail_quote">On 11 April 2016 at 20:49, Richard Lavallee <span dir="ltr"><<a href="mailto:rllavallee@hotmail.com" target="_blank">rllavallee@hotmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">
<div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr">Does Keycloak support the following requirements?</div><div dir="ltr"><br></div><div dir="ltr"><div style="font-family:arial,sans-serif;font-size:12.8px;color:rgb(11,83,148);background-color:rgb(255,255,255)"><b>Password:</b></div><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;background-color:rgb(255,255,255)"><ul><li style="margin-left:15px;color:rgb(11,83,148)"><span style="color:rgb(34,34,34);font-size:12.8px">Password should be changed in every 60 days (configurable)</span></li></ul></div></div></div></div></div></div></div></blockquote><div>Yes </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;background-color:rgb(255,255,255)"><ul><li style="margin-left:15px;color:rgb(11,83,148)"><span style="color:rgb(34,34,34);font-size:12.8px">If user enters password wrong three times account is locked out for 15 min (configurable)</span></li></ul></div></div></div></div></div></div></div></blockquote><div>Yes </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;background-color:rgb(255,255,255)"><ul><li style="margin-left:15px"><span style="font-size:12.8px">Password chosen should not be previous 24 passwords</span></li></ul></div></div></div></div></div></div></div></blockquote><div>Yes </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;background-color:rgb(255,255,255)"><ul><li style="margin-left:15px"><span style="font-size:12.8px">Password should have a letter and a number</span></li></ul></div></div></div></div></div></div></div></blockquote><div>Yes </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;background-color:rgb(255,255,255)"><ul><li style="margin-left:15px;color:rgb(11,83,148)"><span style="color:rgb(34,34,34);font-size:12.8px">Password should not have consecutive letters</span></li></ul></div></div></div></div></div></div></div></blockquote><div>Maybe, if you can come up with a way to write that as regex (probably not though). We'll add ability to create custom password policies in the future though.</div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:12.8px;background-color:rgb(255,255,255)"><ul><li style="margin-left:15px;color:rgb(11,83,148)"><br></li></ul></div><div style="font-family:arial,sans-serif;font-size:12.8px;color:rgb(11,83,148);background-color:rgb(255,255,255)"><b>Inactivity:</b></div><div style="font-family:arial,sans-serif;font-size:12.8px;color:rgb(11,83,148);background-color:rgb(255,255,255)"><ul><li style="margin-left:15px"><span style="color:rgb(34,34,34);font-size:12.8px">Application session inactivity - default is 45 minutes (can be configured)</span></li></ul></div></div></div></div></div></div></div></blockquote><div>Yes, you can configure idle timeout for a session. Idle for a session is if there are no app logins or token refreshes </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div style="font-family:arial,sans-serif;font-size:12.8px;color:rgb(11,83,148);background-color:rgb(255,255,255)"><ul><li style="margin-left:15px"><span style="color:rgb(34,34,34);font-size:12.8px">Account inactivity - account inactivity is 30 days default (configurable)</span></li></ul></div></div></div></div></div></div></div></blockquote><div>Yes </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><span class=""><font color="#888888"><div><br></div><div>-Richard</div><div><br></div><div><br></div><div><br></div> </font></span></div></div> </div></div> </div></div>
<br>_______________________________________________<br>
keycloak-user mailing list<br>
<a href="mailto:keycloak-user@lists.jboss.org">keycloak-user@lists.jboss.org</a><br>
<a href="https://lists.jboss.org/mailman/listinfo/keycloak-user" rel="noreferrer" target="_blank">https://lists.jboss.org/mailman/listinfo/keycloak-user</a><br></blockquote></div><br></div></div>