[keycloak-user] Question re Keycloak password / session ploicies
Richard Lavallee
rllavallee at hotmail.com
Tue Apr 12 13:32:50 EDT 2016
Password should not have consecutive lettersMaybe, if you can come up with a way to write that as regex (probably not though). We'll add ability to create custom password policies in the future though.
Wouldn't the below suffice for regex? Thus avoiding needing custom work for the short-term?
forward = "ab|bc|cd|de|ef|fg|gh|hi|ij|jk|kl|lm|mn|no|op|pq|qr|rs|st|tu|uv|vw|wx|xy|yz", backward = "zy|yx|xw|wv|vu|ut|ts|sr|rq|qp|po|on|nm|ml|lk|kj|ji|ih|hg|gf|fe|ed|dc|cb|ba", regex = "(" + forward + "|" + backward + ")+";
Date: Tue, 12 Apr 2016 06:37:41 +0200
Subject: Re: [keycloak-user] Question re Keycloak password / session ploicies
From: sthorger at redhat.com
To: rllavallee at hotmail.com
CC: keycloak-user at lists.jboss.org
On 11 April 2016 at 20:49, Richard Lavallee <rllavallee at hotmail.com> wrote:
Does Keycloak support the following requirements?
Password:Password should be changed in every 60 days (configurable)Yes If user enters password wrong three times account is locked out for 15 min (configurable)Yes Password chosen should not be previous 24 passwordsYes Password should have a letter and a numberYes Password should not have consecutive lettersMaybe, if you can come up with a way to write that as regex (probably not though). We'll add ability to create custom password policies in the future though.
Inactivity:Application session inactivity - default is 45 minutes (can be configured)Yes, you can configure idle timeout for a session. Idle for a session is if there are no app logins or token refreshes Account inactivity - account inactivity is 30 days default (configurable)Yes
-Richard
_______________________________________________
keycloak-user mailing list
keycloak-user at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160412/bdd295d3/attachment-0001.html
More information about the keycloak-user
mailing list