Can we have custom password policy

kiran.ms · May 19, 2021, 12:14pm

Hi,

Currently we have a password policy which doesn’t match exactly with any of your existing password policies (None, Low, Fair, Good or Excellent).

Can we have a custom password policy which applies to both new signup and password reset?

konrad.sopala · May 19, 2021, 1:05pm

Hey there!

Unfortunately as far as I know the answer is no but let me research that once again and get back to you soon!

john.gateley · May 19, 2021, 2:08pm

Hi @kiran.ms

We do not have custom password policies. We follow the OWASP recommendations on password strength (there is a link on the password policy page)

Custom password policies don’t really add any security. Just use the appropriate level from OWASP.

Having said that, you CAN implement a custom password policy using a custom DB connection, but it is a lot of work (and doesn’t get you anything from a security point of view).

John

konrad.sopala · May 27, 2021, 11:53am

Let us know if you have any other questions down the road!

kiran.ms · May 27, 2021, 12:06pm

Nothing for now. Thanks

konrad.sopala · May 28, 2021, 8:41am

Perfect! Thanks a lot!

system · June 12, 2021, 8:42am

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Customize password policy for a specific user Help user-profile , user-management	2	16	October 9, 2024
Enforcing password strength with custom database and no user migration Help password , custom-database , password-strength	2	2047	December 21, 2022
How to get password policy for custom login form? Help signup , custom-login , password-policy	2	3320	December 23, 2021
Custom REGEX for Password policy Feedback auth0 , login	1	2536	January 25, 2022
About changing Password Policy Help	5	1767	August 31, 2022

Can we have custom password policy

Related Topics