Breadcrumbs

PasswortValidation

[]

Target groups

  • Administrator (Web)

Context

Users passwords should not be simple?

Password should meet some criteria like including upper-, lower - and special character?

Meet two of those conditions but always have size 8 at least?

Enforcing a password policy is possible ...

How to

Within the satellite group you find a SessionManagerConfiguration config file.

You can modify/add validation rules as regular expression, group them and set a minimum to match on these groups.

Example:

XML
    <validations>
       <validation target="password" min-match="1">
          <patternrule pattern=".{8,}" name="length"/>
       </validation>
       <validation target="password" min-match="3">
          <patternrule pattern=".*[a-zöäüß].*" name="lowercase"/>
          <patternrule pattern=".*[A-ZÖÄÜ].*" name="uppercase"/>
          <patternrule pattern=".*[0-9].*" name="digit"/>
          <patternrule pattern=".*[^a-zöäüßA-ZÖÄÜ0-9].*" name="special"/>
       </validation>
    </validations>

Good to know:

  • The 'name' of failed rules is reported and usable in skin.