Password policy settings

Service Center
On our radar
In both ServiceCenter and Users
Created on 21 Feb 2012
Comments (10)
Can you give an example what you would like regarding this subject?
23 Feb 2012
Normal policies:
- Don't allow passwords already used by the user (password history)
- Password maximum age
- Password minimum complexity and length
- Password lockage by attempted failed logins
9 Feb 2015

You can use external authentication to have password policies for the users.
External authentication for Lifetime is coming soon.

11 Feb 2015
Just a hint, if you can't wait for an enhancement in future versions.. You could overwrite the Change Password Screens / Actions reusing, partially, the native OS logics and implementing your own.
22 May 2015
Hi Guys,

Any where I can set password complexity for Lifetime and Servicecenter?
29 May 2015
There are no built-in features for this.  As the previous posts state you must use an external authentication mechanism or write yur own logic for the password screens.  There are several Forge components that interface with external mechanisms such as LDAP.

Hope this helps,
10 Jun 2015
It's becoming a serious issue.

Even if you want to enforce a password-policy, there is no way to alter the change-password inside the Users-espace

From the user eSpace itself this isn't possible, but you can write you own password logic and save this as the password for the user (by using the getForUpdate action from user entity with the encrypt() system function).
12 Jun 2015
@Evert, true, but you have to disable the Users-espace for that (one thing I didn't knew was possible)
Hello Statler,

I thought it's also possible without setting it on disable? But maybe when users isn't the user provider eSpace?

Kind regards,