Hey everyone! I wanna implement following password policies on Umbraco v8, kindly guide me in this regard how can implement these policies:
- Minimum password age: <3 days> (number of days that password must be used before it can be changed again.)
Must contain characters from following categories:
- English uppercase characters (A through Z)
- English lowercase characters (a through z)
- Numbers (0 through 9)
Must meet the following complexity requirements:
-
Does not contain the full or part of the username, or parts of the user’s full name that exceed <4> consecutive characters
-
Password change frequency (expiry): 90 days
-
Password history (number of old passwords remembered): <5>
-
Account lockout threshold: <5 times> (a compromised between genuine
account lock-outs, brute force and denial-of-service attacks) -
Reset lockout count after: <1440 Minutes>
-
Account lockout duration: [account does not unlock automatically] for domain Users and 30 minutes for public Users
Thanks and Regards ~ Farooq Alwi
This is a companion discussion topic for the original entry at https://our.umbraco.com/forum/108869-custom-password-validation-on-password-change