By default Smarten password pattern is simple.
If you want to implement different password policy, you can control various aspects of password policy such as strict password characters, number of attempts, and encryption.
The settings for password pattern can be set in default.conf file under smarten folder (wildfly/standalone/deployments/smarten.war/conf/default.conf).
Settings for password pattern:
1. ENABLE_STRICT_PASSWORD parameter to configure password character patterns for setting the password character policy.
This parameter should be set to true in default.conf file of smarten war file to have more hard character patterns that pass the below rules.
Common Rules of strict password:
- Passwords should be minimum 8 characters long.
- Minimum one upper case and one lower case letter are required.
- Minimum one number (0-9 digit) is required.
- Minimum one special character is required. Valid characters are!\"#$%&'()*+,-./:;<=>?@[ \\ ]^_`{|}~
PS: The default value of ENABLE_STRICT_PASSWORD parameter is false.
Example:
ENABLE_STRICT_PASSWORD = True | ENABLE_STRICT_PASSWORD = False |
Sm@r10@pp | SmartenApp |
$tr!ctP@$$w0rd | Strictpassword |
2. MAXIMUM_NO_OF_ATTEMPTS parameter to define the maximum wrong password attempts.
If the number of wrong password attempts exceeds or if the user enters wrong password more times than the specified value, then the smarten users will be made inactive temporarily for 2 hours. They will be able to login after 2 hours.
For e.g. If the number of wrong attempts to be set as 5, opendefault.conf file and set the parameter value as ‘MAXIMUM_NO_OF_ATTEMPTS=5’.
3. ENABLE_PASSWORD_ENCRYPTION can be set to true if password encryption is required.
This is like the translation of login password into an encrypted code for data security purposes. During user login, the login password will be encrypted and compared with the stored version for verification. By default, the password encryption is set as ‘false’ (ENABLE_PASSWORD_ENCRYPTION=false) in Smarten, and you can set this value to ‘true’ to enable password encryption.
Please refer to Application Security Implementation Manual to learn more.
Note: This article is based on Smarten Version 5.x. This may or may not be relevant to the Smarten Version 5.x you may be using.
#smarten #password policies #smartenpassword #password #configuration #strict password #hard passwordWas this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article