IS Password restriction

nataraj · June 29, 2010, 10:17pm

The following is the default password restrictions mentioned in IS 6.5

Minimum Password Length 8
Minimum Number of Upper Case Characters 2
Minimum Number of Lower Case Characters 2
Minimum Number of Digits 1
Minimum Number of Special Characters
(neither alphabetic nor digits) 1

If this is the case, then why ‘abc2010’ is getting accepted.

mininum pass length is set to 8, but my pass length is 7

IS was throwing exceptions when I try to change the password to ‘abc’ (like Warning: Selected password violates the current password guidelines.)

But it is just warning. My password is still getting changed.

Can somone please help me to understand this

system · June 29, 2010, 10:58pm

Password complexity is not enforced for administrator users.

nataraj · June 30, 2010, 3:38pm

Thanks. But the userid I am using is not an administator.

system · June 30, 2010, 4:42pm

How are you changing passwords? If you are an admin changing a user password, you will only receive a warning. If you are a developer, you should not be able to set your own password to a value that does not meet complexity guidelines.

You might want to look at using LDAP if you have more than a few users you need to manage.

nataraj · June 30, 2010, 8:34pm

Hi thanks for this. I now understood the problem. I was trying to change the user password via ‘Admin’ login.

When I try to change the password through developer tool, I can able to see the restrictions.