[keycloak-dev] Configure password policy for realm

Bill Burke bburke at redhat.com
Tue Dec 3 15:50:33 EST 2013


Very nice.

On 12/3/2013 8:13 AM, Stian Thorgersen wrote:
> I've added an option to configure a password policy for a realm.
>
> The password policy is defined as a single string, for example:
>
> "length and digits and lowerCase and upperCase"
>
> Would require a password of minimum length 8 that contains at least one numerical digit, one lower case and one upper case.
>
> The available policies at the moment are:
>
> * length
> * digits
> * lowerCase
> * upperCase
> * specialChars
>
> All take an optional single integer argument, for example:
>
> "length(12) and specialChars(2)"
>
> Would require a password of minimum length 12 that contains at least 2 special characters.
>
> The only operator supported (at least at the moment) is 'and', so you couldn't for example have a policy that is:
>
> "length(24) or ( length(12) and specialChars(4) )"
>
> This is just something minimal for M1 and we can tweak it later. One thing that is quite common is to make sure it doesn't contain words from the dictionary for example.
>
> Villiam is working on improving the way it's defined in the admin console to make it more user friendly (and less error prone).

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
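
The policy string format described in the quoted message, as an added example that is not part of the original thread and is not Keycloak's implementation: a small parser and checker for 'and'-joined terms with an optional integer argument. The defaults (8 for length, 1 for the others) follow the message's examples; treating any non-alphanumeric character as a special character, and the names parse_policy and violations, are assumptions.

```python
import re

# Policy names come from the post; defaults follow its examples
# (length -> 8, every other policy -> 1).
DEFAULTS = {"length": 8, "digits": 1, "lowerCase": 1, "upperCase": 1, "specialChars": 1}

# Assumption: how each policy counts characters. "specialChars" is taken
# here to mean any non-alphanumeric character.
COUNTERS = {
    "length": len,
    "digits": lambda pw: sum(c.isdigit() for c in pw),
    "lowerCase": lambda pw: sum(c.islower() for c in pw),
    "upperCase": lambda pw: sum(c.isupper() for c in pw),
    "specialChars": lambda pw: sum(not c.isalnum() for c in pw),
}

# One term: a name, optionally followed by a single integer in parentheses.
TERM = re.compile(r"([A-Za-z]+)(?:\((\d+)\))?")


def parse_policy(policy):
    """Turn 'length(12) and specialChars(2)' into [('length', 12), ('specialChars', 2)]."""
    terms = []
    for raw in re.split(r"\s+and\s+", policy.strip()):
        m = TERM.fullmatch(raw.strip())
        if m is None or m.group(1) not in DEFAULTS:
            # Covers 'or', grouping parentheses, unknown names and bad arguments.
            raise ValueError(f"unsupported policy term: {raw!r}")
        name, arg = m.groups()
        terms.append((name, int(arg) if arg is not None else DEFAULTS[name]))
    return terms


def violations(policy, password):
    """Return the (name, minimum) terms the password fails; an empty list means it passes."""
    return [(n, k) for n, k in parse_policy(policy) if COUNTERS[n](password) < k]
```

Rejecting a malformed or unsupported string at parse time, rather than skipping the term it cannot read, keeps a typo in the realm setting from silently weakening the policy.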

