[keycloak-user] Display all password rule failures at once

Everson, David (MNIT) David.Everson at state.mn.us
Wed Jun 15 16:14:22 EDT 2016


Hi,

Our users are User Acceptance Testing a Keycloak secured website.  We have defined strong password rules.

Our users reported:
"Staff have requested some modifications to how password validation is presented to the user. Right now if a user submits a password that does not meet all criteria, such as requiring both an Upper case letter and a number, it will not tell you that both are required, just that and Upper case letter is required. When that is added, THEN it will notify you that a number is also needed.

Staff would like the error message to note all issues with the submitted password, or otherwise note somewhere on the Change Password screen what all the criteria for a proper password are, so the user does not have to guess."

We could update the template to include all the rules.  That is probably the quickest.
Is it possible for Keycloak to return all the unsuccessful rules when it validates a password?

Thanks!
Dave

Dave Everson  |  DIVISION OF ENVIRONMENTAL HEALTH
MN.IT Services @ mINNESOTA dEPARTMENT OF hEALTH
651-201-5146 (w)  |    david.everson at state.mn.us<mailto:david.everson at state.mn.us>

[cid:image001.jpg at 01CE4005.70B223E0]<http://www.mn.gov/oet>


Information Technology for Minnesota Government   |   mn.gov/oet<http://www.mn.gov/oet>



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160615/ccc57619/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 1712 bytes
Desc: image001.jpg
Url : http://lists.jboss.org/pipermail/keycloak-user/attachments/20160615/ccc57619/attachment-0001.jpg 


More information about the keycloak-user mailing list