Configuring a password policy - PingFederate

Page created: 12 Sep 2019 |

Page updated: 19 Mar 2020

| 1 min read

PingFederate 10.0 Product Software Deployment Method Product documentation Content Type Administrator Audience Configuration User task

PingFederate applies a configurable policy to passwords, pass phrases, and shared secrets defined by administrators in the administrative console.

These fields include, but are not limited to:

Passwords used by HTTP Basic authentication for:
- Inbound SOAP messages from partners via back-channel calls
- WS-Trust STS
Shared secrets used by the credentials defined for:
- Attribute Query
- JMX
- Connection Management
- SSO Directory Service
Passwords used by instances of the Simple Username Password Credential Validator
Passwords used for encrypting certificates exported with their private keys
Pass phrases used by IdP Discovery
Passwords used by administrative console credentials when native authentication is used

Note:

Passwords external to PingFederate—passwords used by instances of the Data Stores, for example—are not subject to this password policy.

Edit the password-rules.xml file, located in the <pf_install>/pingfederate/server/default/data/config-store directory.
Save the changes.
Restart PingFederate.
For a clustered PingFederate environment, perform these steps on the console node. No changes or restart of PingFederate is required on the engine nodes.

Configuring a password policy - PingFederate - 10.0