Account Service schema: Password complexity missing params

ratagupt
Guppy

Posts: 87

Account Service schema: Password complexity missing params Aug 19, 2021 13:45:34 GMT

Quote

Post by ratagupt on Aug 19, 2021 13:45:34 GMT

Hi Team,

Would it be good if we add the password complexity parameters in the account service:

MinUpperCaseCharacters: how many minimum upper case characters should be added in the password
MinLowerCaseCharacters: how many minimum upper case characters should be added in the password
MinDigits: how many minimum digits should be added in the password
MinSpecialCharacters: how many minimum special characters should be added in the password

or

Should we define other schema for the password policy?

Ratan

ratagupt Guppy Posts: 87	Account Service schema: Password complexity missing params Aug 23, 2021 4:51:02 GMT Quote Select Post Deselect Post Link to Post Back to Top Post by ratagupt on Aug 23, 2021 4:51:02 GMT mraineri jautor ^^^
	Last Edit: Aug 23, 2021 4:51:42 GMT by ratagupt

jautor
Administrator

Posts: 503

Account Service schema: Password complexity missing params Aug 24, 2021 22:44:45 GMT

Quote

Post by jautor on Aug 24, 2021 22:44:45 GMT

We had discussed the topic of "password complexity rules" previously, and came to the conclusion that there wasn't a good answer that could cover all the common use cases with any chance of interoperability. We do have min/max password length (with the potential for allowing users to adjust those values). But describing the numerous possible combinations of rules (which seemed to even be beyond the scope of a RegEx) isn't something we were able to solve easily.

For example - in your list you allow for adjusting the quantity of 4 types of characters - but what about the combinations (must have 3 of the 4 types), and what constitutes a "special character"?

Jeff

Account Service schema: Password complexity missing params

Post by ratagupt on Aug 19, 2021 13:45:34 GMT

Post by ratagupt on Aug 23, 2021 4:51:02 GMT

Post by jautor on Aug 24, 2021 22:44:45 GMT