[keycloak-user] Is there a possibility to stop users changing their passwords too often?

Marek Posolda mposolda at redhat.com
Fri Mar 18 05:04:32 EDT 2016


this is not available right now. It can be achieved with password 
policy, but we don't have such a password policy right now. We can either:
- Add the password policy to have this available in Keycloak OOTB
- Make PasswordPolicy pluggable SPI, so you can add your custom password 
policy for the functionality like this.

Feel free to create JIRA for this.


On 16/03/16 15:02, Kevin Thorpe wrote:
> A standard practice for login systems is to stop users changing their 
> passwords too often. Keycloak does not support this as of 1.7.0. Is 
> there a possibility of adding a timeout to stop too frequent password 
> changes?
> *Kevin Thorpe*
> VP Enterprise Platform
> www.p-i.net <http://www.p-i.net/> | @PI_150 <https://twitter.com/@PI_150>
> *T: +44 (0)20 3005 6750 <tel:%2B44%20%280%2920%203005%206750>  | F: 
> +44(0)20 7730 2635 <tel:%2B44%280%2920%207730%202635>  | T: +44 (0)808 
> 204 0344 <tel:%2B44%20%280%29808%20204%200344> *
> *150 Buckingham Palace Road, London, SW1W 9TR, UK*
> ____________________________________________________________________
> This email and any files transmitted with it are confidential and 
> intended solely for the use of the individual or entity to whom they 
> are addressed. If you have received this email in error please notify 
> the system manager. This message contains confidential information and 
> is intended only for the individual named. If you are not the named 
> addressee you should not disseminate, distribute or copy this e-mail. 
> Please notify the sender immediately by e-mail if you have received 
> this e-mail by mistake and delete this e-mail from your system. If you 
> are not the intended recipient you are notified that disclosing, 
> copying, distributing or taking any action in reliance on the contents 
> of this information is strictly prohibited.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/keycloak-user/attachments/20160318/39ffcd89/attachment.html 

More information about the keycloak-user mailing list