On 11 April 2016 at 20:49, Richard Lavallee <rllavallee(a)hotmail.com> wrote:
Does Keycloak support the following requirements?
*Password:*
- Password should be changed in every 60 days (configurable)
Yes
- If user enters password wrong three times account is locked out for
15 min (configurable)
Yes
- Password chosen should not be previous 24 passwords
Yes
- Password should have a letter and a number
Yes
- Password should not have consecutive letters
Maybe, if you can come up with a way to write that as regex (probably not
though).
We'll add ability to create custom password policies in the future
though.
-
*Inactivity:*
- Application session inactivity - default is 45 minutes (can be
configured)
Yes, you can configure idle timeout for a session. Idle for a session is
if there
are no app logins or token refreshes
- Account inactivity - account inactivity is 30 days default
(configurable)
Yes
-Richard
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user