Password patterns and configurations in Smarten

Modified on Thu, 14 Mar at 1:53 PM

By default Smarten password pattern is simple.

If you want to implement different password policy, you can control various aspects of password policy such as strict password characters, number of attempts, and encryption.

The settings for password pattern can be set in default.conf file under smarten folder (wildfly/standalone/deployments/smarten.war/conf/default.conf).

Settings for password pattern:

1. ENABLE_STRICT_PASSWORD parameter to configure password character patterns for setting the password character     policy.

    This parameter should be set to true in default.conf file of smarten war file to have more hard character patterns that          pass the below rules.

    Common Rules of strict password:

  • Passwords should be minimum 8 characters long.
  • Minimum one upper case and one lower case letter are required.
  • Minimum one number (0-9 digit) is required.
  • Minimum one special character is required. Valid characters are!\"#$%&'()*+,-./:;<=>?@[ \\ ]^_`{|}~

PS: The default value of ENABLE_STRICT_PASSWORD parameter is false.

Example:

ENABLE_STRICT_PASSWORD = True

ENABLE_STRICT_PASSWORD = False

Sm@r10@pp

SmartenApp

$tr!ctP@$$w0rd

Strictpassword

  

2. MAXIMUM_NO_OF_ATTEMPTS parameter to define the maximum wrong password attempts.

If the number of wrong password attempts exceeds or if the user enters wrong password more times than the specified value, then the smarten users will be made inactive temporarily for 2 hours. They will be able to login after 2 hours.

For e.g. If the number of wrong attempts to be set as 5, opendefault.conf file and set the parameter value as ‘MAXIMUM_NO_OF_ATTEMPTS=5’.

 

3. ENABLE_PASSWORD_ENCRYPTION can be set to true if password encryption is required.

This is like the translation of login password into an encrypted code for data security purposes. During user login, the login password will be encrypted and compared with the stored version for verification. By default, the password encryption is set as ‘false’ (ENABLE_PASSWORD_ENCRYPTION=false) in Smarten, and you can set this value to ‘true’ to enable password encryption.

 

Please refer to Application Security Implementation Manual to learn more.



Note: This article is based on Smarten Version 5.x. This may or may not be relevant to the Smarten Version 5.x you may be using.

#smarten #password policies #smartenpassword #password #configuration #strict password #hard password

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select at least one of the reasons
CAPTCHA verification is required.

Feedback sent

We appreciate your effort and will try to fix the article