Page created: 4 Feb 2020
|
Page updated: 22 Jul 2020
| 1 min read
Product PingDirectory 8.1 Directory Capability Product documentation Content Type Administration User task Configuration IT Administrator Administrator Audience Software Deployment Method
-
Use dsconfig to edit the existing default
configuration.
- In this example, we set the maximum consecutive length of any character
to 3. For example, the following validator rejects any passwords, such as
"baaaa1" or "4eeeeb",
etc.
$ bin/dsconfig set-password-validator-prop \ --validator-name "Repeated Characters" \ --set max-consecutive-length:3
- Or, you can configure the validator to reject any character from a
pre-defined character set that appears more than the specified number of
times in a row (2). You can also specify more than one character set. For
example, the following validator defines two characters sets: [abc] and
[123]. It rejects any passwords with more than two consecutive characters
from a character set. Thus, "aaa", "bbb", "ccc", "abc", or "123" and so on
fails, but "12a3" is
okay.
$ bin/dsconfig set-password-validator-prop \ --validator-name "Repeated Characters" \ --set character-set:123 --set character-set:abc
- In this example, we set the maximum consecutive length of any character
to 3. For example, the following validator rejects any passwords, such as
"baaaa1" or "4eeeeb",
etc.
-
Update an existing password policy to use the Repeated Character Password
Validator.
$ bin/dsconfig --no-prompt set-password-policy-prop \ --policy-name "Default Password Policy" \ --set "password-validator:Repeated Characters"
-
Test the Repeated Character Validator by submitting a password that has more
than the maximum allowable length of consecutive characters.
$ bin/ldappasswordmodify \ --authzID "uid=user.0,ou=People,dc=example,dc=com" \ --newPassword baaa1
The LDAP password modify operation failed with result code 53 Error Message: The provided new password failed the validation checks defined in the server: The provided password contained too many instances of the same character appearing consecutively. The maximum number of times the same character may appear consecutively in a password is 2