On 11 April 2016 at 20:49, Richard Lavallee <rllavallee@hotmail.com> wrote:

Does Keycloak support the following requirements?

Password:
Password should be changed in every 60 days (configurable)

Yes

If user enters password wrong three times account is locked out for 15 min (configurable)

Yes

Password chosen should not be previous 24 passwords

Yes

Password should have a letter and a number

Yes

Password should not have consecutive letters

Maybe, if you can come up with a way to write that as regex (probably not though). We'll add ability to create custom password policies in the future though.

Inactivity:
Application session inactivity - default is 45 minutes (can be configured)

Yes, you can configure idle timeout for a session. Idle for a session is if there are no app logins or token refreshes

Account inactivity - account inactivity is 30 days default (configurable)

Yes

-Richard

_______________________________________________
keycloak-user mailing list
keycloak-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user