Configuring the Unique Characters Password Validator - PingDirectory

Page created: 15 Jul 2022 |

Page updated: 20 Jan 2023

| 1 min read

9.2 Product PingDirectory Directory Capability Product documentation Content Type Administration User task Configuration IT Administrator Administrator Audience Software Deployment Method

Use the dsconfig tool to configure, update, and test the Unique Characters Password Validator.

To edit the existing default configuration, run the dsconfig tool.
In this example, we set the minimum number of unique characters that a password is allowed to contain to 3.
```
$ bin/dsconfig set-password-validator-prop \ 
  --validator-name "Similarity-Based" --set min-unique-characters:3
```

Update an existing password policy to use the Unique Characters Password Validator.

$ bin/dsconfig set-password-policy-prop \ 
  --policy-name "Default Password Policy" \
  --set "password-validator:Unique Characters"

Test the Unique Characters Password Validator by submitting a password that has fewer than the minimum number of unique characters, such as 3.
```
$ bin/ldappasswordmodify \
  --authzID "uid=user.0,ou=People,dc=example,dc=com" \
  --newPassword aaaaa
```
The LDAP password modify operation failed with result code 53 Error Message: The provided new password failed the validation checks defined in the server: The provided password does not contain enough unique characters. The minimum number of unique characters that may appear in a user password is 3