NF1.0 PasswordRules

From iDempiere en
Jump to navigation Jump to search

Feature: Password Rules

Goal: Security

Sponsor: Trek Global

External Credits: Supported on vt-password and vt-dictionary libraries by Middleware Services at Virginia Tech.

Description:

  • Implementors can define now system wide password policies using the window Password Rule, in this window you can configure:
    • Lengths: maximum and/or minimum
    • Number of Characters Required per type: Alphabetical, Digit, Uppercase, Lowercase, Non-Alphanumeric
    • Length of sequences to Forbid per type: Alphabetical, Numerical, QWERTY (keyboard), Repeated characters
    • Disallow using username within the password
    • Disallow whitespaces within the password
    • Check password against a text configurable dictionary, in this case you can also configure if the match will be checked backwards also and the minimum word length to check
  • On Client just for System Client window you can configure the specific password policies that you want to apply to each client

NF001 SEC PasswordRules.png


Technical Info: IDEMPIERE-221