Trace:
Differences
This shows you the differences between two versions of the page.
Next revision | Previous revision Last revision Both sides next revision | ||
jvx:server:security:password_policy [2018/02/02 10:22] admin created |
jvx:server:security:password_policy [2020/06/15 11:31] cduncan Edited for English grammar (capitalization, punctuation, correct verb conjugation) |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ~~NOTRANS~~ | + | ~~Title: Password Policy Integration~~ |
- | ~~Title: Password policy integration~~ | + | |
- | Applications, especially web applications, require secure passwords. However, users tend to select passwords that are easy to remember. Therefore the responsibility for chosing a secure password can not be left to the user. The application has to provide certain policies. | + | Applications, especially web applications, require secure passwords. However, users tend to select passwords that are easy to remember. Therefore, the responsibility for choosing a secure password cannot be left to the user. The application has to provide certain policies. |
- | This is what the IPasswordValidator interface is for in JVx. It allows the creation of security policies for password. | + | This is what the IPasswordValidator interface is for in JVx. It allows for the creation of security policies for password. |
JVx provides a default implementation: DefaultPasswordValidator. The following policies are supported: | JVx provides a default implementation: DefaultPasswordValidator. The following policies are supported: | ||
Line 15: | Line 14: | ||
* The username cannot be the password | * The username cannot be the password | ||
- | Password validation has to be configured since by default the system only verifies if the password contains at least one character. | + | Password validation has to be configured as ,by default, the system only verifies if the password contains at least one character. |
The configuration is done in config.xml of the application: | The configuration is done in config.xml of the application: |