[keycloak-user] Question re Keycloak password / session ploicies
Stian Thorgersen
sthorger at redhat.com
Tue Apr 12 00:37:41 EDT 2016
On 11 April 2016 at 20:49, Richard Lavallee <rllavallee at hotmail.com> wrote:
> Does Keycloak support the following requirements?
>
> *Password:*
>
> - Password should be changed in every 60 days (configurable)
>
> Yes
>
> - If user enters password wrong three times account is locked out for
> 15 min (configurable)
>
> Yes
>
> - Password chosen should not be previous 24 passwords
>
> Yes
>
> - Password should have a letter and a number
>
> Yes
>
> - Password should not have consecutive letters
>
> Maybe, if you can come up with a way to write that as regex (probably not
though). We'll add ability to create custom password policies in the future
though.
>
> -
>
> *Inactivity:*
>
> - Application session inactivity - default is 45 minutes (can be
> configured)
>
> Yes, you can configure idle timeout for a session. Idle for a session is
if there are no app logins or token refreshes
>
> - Account inactivity - account inactivity is 30 days default
> (configurable)
>
> Yes
>
> -Richard
>
>
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160412/5ffb1876/attachment.html
More information about the keycloak-user
mailing list