Thanks Marek for your inputs.
I have successfully implemented #1, 2 & 4 now. I am not sure how I should
proceed with requirement #3.
Thanks in advance.
Thanks and Regards,
Krishna Kuntala
Mob: +447550323307
On Mon, Sep 4, 2017 at 4:27 PM, Marek Posolda <mposolda(a)redhat.com> wrote:
AFAIK 4 can be done through BruteForce protector. See the admin console
brute force settings (it's in a different place than password policies).
For 1,2,3 you would need to implement custom password policies.
PasswordPolicy is an SPI, so you can add new providers to existing ones.
See our documentation for SPI and providers and also the keycloak-examples
distribution and especially the directory "providers".
Marek
On 01/09/17 15:26, Krishna Kuntala wrote:
> We have following requirements w.r.t. password policies. I am not sure
> whether we would be able to add custom password policies. If yes, how to
> define custom policies?
>
> 1. Password max length should be 16
> 2. Only allow 2 repeating characters
> 3. Satisfy 3 out of 4 password criteria mentioned in
> "Authentication->Password Policy"
> 4. Lock account for 1 hour after 3 failed login attempts
>
> Please let me know whether these requirements can be configured from the UI
> or do I need to implement some code to achieve this?
>
> Thanks and Regards,
> Krishna Kuntala
>
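
Requirement #3 from the thread (satisfy 3 out of 4 password criteria) sketched as an added Java example; it is not code from either poster or from Keycloak. The thread does not say which four criteria are meant, so uppercase, lowercase, digit and special character are assumed, and the class name, method names and message keys are hypothetical. The check is plain Java so it runs on its own; in a custom password policy provider of the kind Marek describes, the same logic would sit in the provider's validation method.

```java
import java.util.function.IntPredicate;

// Added illustration: names here are hypothetical, not Keycloak API.
public class ThreeOfFourCheck {

    // Assumed criteria (the thread does not list them):
    // uppercase, lowercase, digit, special (anything that is not a letter, digit or whitespace).
    private static final IntPredicate[] CLASSES = {
        Character::isUpperCase,
        Character::isLowerCase,
        Character::isDigit,
        cp -> !Character.isLetterOrDigit(cp) && !Character.isWhitespace(cp)
    };

    // Counts how many of the four character classes occur at least once.
    static int classesPresent(String password) {
        int count = 0;
        for (IntPredicate cls : CLASSES) {
            if (password.codePoints().anyMatch(cls)) {
                count++;
            }
        }
        return count;
    }

    // Returns null when the password is acceptable, otherwise a message key
    // (hypothetical) that a custom provider could wrap in its own error type.
    static String validate(String password, int required) {
        if (password == null || password.isEmpty()) {
            return "invalidPasswordEmpty";
        }
        return classesPresent(password) >= required ? null : "invalidPasswordCharClasses";
    }

    public static void main(String[] args) {
        // Constructed sample passwords, not taken from the thread.
        String[] samples = {"password", "Password1", "pass word", "P@ssword", "12345678!"};
        for (String s : samples) {
            String error = validate(s, 3);
            System.out.printf("%-10s classes=%d %s%n", s, classesPresent(s),
                    error == null ? "accepted" : "rejected (" + error + ")");
        }
    }
}
```

If this check is installed as its own policy, the individual built-in character policies would be left disabled, since enabling each of them separately requires all four classes rather than any three.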