[keycloak-user] User defined password policies

Krishna Kuntala kuntalakrishna at gmail.com
Thu Sep 7 06:03:29 EDT 2017


Thanks Marek for your inputs.

I have successfully implemented #1, 2 & 4 now. I am not sure how I should
proceed with requirement #3.

Thanks in advance.

Thanks and Regards,
Krishna Kuntala
Mob: +447550323307

On Mon, Sep 4, 2017 at 4:27 PM, Marek Posolda <mposolda at redhat.com> wrote:

> AFAIK 4 can be done through BruteForce protector. See the admin console
> brute force settings (It's in a different place than password policies).
>
> For 1,2,3 you would need to implement custom password policies.
> PasswordPolicy is an SPI, so you can add new providers to existing ones.
> See our documentation for SPI and providers and also the keycloak-examples
> distribution and especially the directory "providers".
>
> Marek
>
> On 01/09/17 15:26, Krishna Kuntala wrote:
>
>> We have the following requirements w.r.t. password policies. I am not sure
>> whether we would be able to add custom password policies. If yes, how to
>> define custom policies?
>>
>> 1. Password max length should be 16
>> 2. Only allow 2 repeating characters
>> 3. Satisfy 3 out of 4 password criteria mentioned in
>> "Authentication->Password Policy"
>> 4. Lock account for 1 hour after 3 failed login attempts
>>
>> Please let me know whether these requirements can be configured from the
>> UI or do I need to implement some code to achieve this?
>>
>> Thanks and Regards,
>> Krishna Kuntala
>
>
>
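
One way requirement #3 could be handled with the custom PasswordPolicy provider approach Marek describes, as an added example that is not code from this thread or from the Keycloak project. It assumes the four criteria are digits, lowercase, uppercase and special characters (the thread does not name them); the class name and message key are hypothetical, and the provider still has to be registered through its own PasswordPolicyProviderFactory.

```java
import org.keycloak.models.RealmModel;
import org.keycloak.models.UserModel;
import org.keycloak.policy.PasswordPolicyProvider;
import org.keycloak.policy.PolicyError;

// Hypothetical provider: accept a password that meets at least 3 of 4 character-class criteria.
public class ThreeOfFourPasswordPolicyProvider implements PasswordPolicyProvider {

    // Hypothetical message key; its text would live in the theme's message bundle.
    static final String ERROR_MESSAGE = "invalidPasswordThreeOfFourMessage";
    static final int REQUIRED = 3;

    // Counts how many of the assumed classes (digit, lower, upper, special) occur at least once.
    static int classesPresent(String password) {
        boolean digit = false, lower = false, upper = false, special = false;
        // Walk code points so a character outside the BMP is classified once, not as two surrogates.
        for (int i = 0; i < password.length(); ) {
            int cp = password.codePointAt(i);
            i += Character.charCount(cp);
            if (Character.isDigit(cp)) digit = true;
            else if (Character.isLowerCase(cp)) lower = true;
            else if (Character.isUpperCase(cp)) upper = true;
            else if (!Character.isLetter(cp)) special = true; // caseless letters count for no class
        }
        return (digit ? 1 : 0) + (lower ? 1 : 0) + (upper ? 1 : 0) + (special ? 1 : 0);
    }

    @Override
    public PolicyError validate(String username, String password) {
        if (password == null || classesPresent(password) < REQUIRED) {
            return new PolicyError(ERROR_MESSAGE, REQUIRED);
        }
        return null; // null tells Keycloak the password passed this policy
    }

    @Override
    public PolicyError validate(RealmModel realm, UserModel user, String password) {
        return validate(user.getUsername(), password);
    }

    @Override
    public Object parseConfig(String value) {
        return null; // threshold is fixed at 3, so the policy takes no configuration value
    }

    @Override
    public void close() { }
}
```

Every policy enabled on a realm must pass, so the four individual built-in policies would have to be left off the realm for a 3-of-4 rule to take effect; otherwise each one still enforces its own criterion unconditionally.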

