Security
Password rules
Rules for password handling are configured by entering the parameters in SEC_CONFIG table. All parameters are optional:
-
password.policy.regex – Regular expression for specifying required password complexity.
-
password.policy.trim – If set to true, the empty spaces at the beginning and the end of the entered password are ignored.
-
password.policy.minLength – Minimum password length.
-
password.policy.maxLength – Maximum password length.
-
password.policy.unique – Number of unique new passwords that must be associated with a user account before an old password can be reused.
-
password.policy.expiration – Period of time (in seconds) that a password can be used before the system requires the user to change it.
-
password.policy.description – String displayed to the user when changing the password