What properties are available for password policies?

You can customize your password policies as required.

General

Key

Description

Valid input

Example

com.aris.umc.password.length.min

Minimum length

Specifies the minimum length of a password.

Integer > 0

 

com.aris.umc.password.length.max

Maximum length

Specifies the maximum length of a password.

0 < Integer > 47

 

com.aris.umc.password.characters.lowercase.min

Minimum number of lowercase letters

Specifies the minimum number of lowercase letters in a password.

Integer > 0

 

com.aris.umc.password.characters.uppercase.allowed

Allow uppercase letters

Specifies whether uppercase letters are allowed in a password.

true, false

 

com.aris.umc.password.characters.uppercase.min

Minimum number of uppercase letters

Specifies the minimum number of uppercase letters in a password.

Integer > 0

 

com.aris.umc.password.characters.numeric.allowed

Allow numbers

Specifies whether numbers are allowed in a password.

True, False

 

com.aris.umc.password.characters.numeric.min

Minimum number of numbers

Specifies the minimum number of numbers that must be contained in a password.

Integer > 0

 

com.aris.umc.password.characters.special.allowed

Allow special characters

Specifies whether special characters are allowed in a password.

True, False

 

com.aris.umc.password.characters.special.min

Minimum number of special characters

Specifies the minimum number of special characters in a password.

Integer > 0

 

com.aris.umc.password.characters.special.set

Special characters

Specifies which characters are special characters.

String

*$-+?&=!%{}/ _

Expiring passwords

Key

Description

Valid input

Example

com.aris.umc.password.expiry.active

Activate expiring passwords

Specifies whether passwords are set to be valid only for a specific amount of time. This is defined for a single tenant. Once the password has expired, the user is directed to a Web site enabling the password to be changed. Thereafter, the user is redirected to the application.

True, False

 

com.aris.umc.password.expiry.days

Password lifetime

Specifies the period of time in days after which a password expires. This is defined for a single tenant.

Integer > 0

 

Advanced settings

Key

Description

Valid input

Example

com.aris.umc.password.change.forceAfterReset

Force change after reset

Specifies whether a user must change the password if it was reset (and sent via e-mail). This is defined for a single tenant.

True, False

 

com.aris.umc.password.change.forceDifference

Force different password

Specifies whether the new password must differ from the old one. This is defined for a single tenant.

True, False

 

com.aris.umc.password.change.forceOnFirstLogin

Force change before first login

Specifies whether a user must change the password upon first login. login.This is defined for a single tenant.

True, False

 

com.aris.umc.password.reset.confirmation.active

Activate reset confirmation

Specifies whether a user must confirm a password reset.

True, False

 

com.aris.umc.password.reset.confirmation.ttl

Link lifetime

Specifies the time in minutes during which a user can click the link sent by e-mail in order to confirm the password.

Integer > 0

30