PingFederate applies a configurable policy to passwords, pass phrases, and shared secrets defined by administrators in the administrative console.
These fields include, but are not limited to:
- Passwords used by HTTP Basic authentication for:
  - Inbound SOAP messages from partners via back-channel calls
  - WS-Trust STS
- Shared secrets used by the credentials defined for:
  - Attribute Query
  - Java Management Extensions (JMX)
  - Connection Management
  - Single sign-on (SSO) Directory Service
- Passwords used by instances of the Simple Username Password Credential Validator (PCV)
- Passwords used for encrypting certificates exported with their private keys
- Pass phrases used by identity provider (IdP) Discovery
- Passwords used by administrative console credentials when native authentication is used
Note:
Passwords external to PingFederate, such as passwords used by instances of the datastores, are not subject to this password policy.