Properties for password policies

You can customize your password policies as required.

General

Key

Description

com.aris.umc.password.length.min

Minimum length

Specifies the minimum length of a password.

Valid input

Integer > 0

com.aris.umc.password.length.max

Maximum length

Specifies the maximum length of a password.

Valid input

0 < Integer > 47

com.aris.umc.password.characters.lowercase.min

Minimum number of lowercase letters

Specifies the minimum number of lowercase letters in a password.

Valid input

Integer > 0

com.aris.umc.password.characters.uppercase.allowed

Allow uppercase letters

Specifies whether uppercase letters are allowed in a password. The default value is true.

Valid input

true, false

Example

True

com.aris.umc.password.characters.uppercase.min

Minimum number of uppercase letters

Specifies the minimum number of uppercase letters in a password.

Valid input

Integer > 0

com.aris.umc.password.characters.numeric.allowed

Allow numbers

Specifies whether numbers are allowed in a password. The default value is true.

Valid input

true, false

Example

True

com.aris.umc.password.characters.numeric.min

Minimum number of numbers

Specifies the minimum number of numbers that must be contained in a password.

Valid input

Integer > 0

com.aris.umc.password.characters.special.allowed

Allow special characters

Specifies whether special characters are allowed in a password. The default value is true.

Valid input

true, false

Example

True

com.aris.umc.password.characters.special.min

Minimum number of special characters

Specifies the minimum number of special characters in a password.

Valid input

Integer > 0

com.aris.umc.password.characters.special.set

Special characters

Specifies which characters are special characters.

Valid input

String

Example

*$-+?&=!%{}/ _

com.aris.umc.password.characters.sequential.allowed

Allow sequential characters

Specifies whether sequential characters are allowed in a password. This means a password can contain letters that follow each other in the alphabet, for example, abcfghsd. The default value is true.

Valid input

true, false

Example

True

com.aris.umc.password.characters.sequential.min

Minimum number of sequential characters

Specifies the minimum number of sequential characters in a password.

Valid input

Integer

Example

3

com.aris.umc.password.characters.repetitive.allowed

Allow repetitive characters

Specifies whether repetitive characters are allowed in a password. This means a password can contain the same letter in succession, for example, mmjfghsd. The default value is true.

Valid input

true, false

Example

True

com.aris.umc.password.characters.repetitive.min

Minimum number of repetitive characters

Specifies the minimum number of repetitive characters in a password.

Valid input

Integer

Example

3

com.aris.umc.password.characters.context.allowed

Allow context-related passwords

Specifies whether context-related characters are allowed in a password. For example, if your username is JohnDoe, your password can be JohnIsBack. The default value is true.

Valid input

true, false

Example

True

com.aris.umc.password.characters.context.min

Minimum number of context-related characters

Specifies the minimum number of context-related characters in a password.

Valid input

Integer

Example

3

com.aris.umc.password.characters.common.allowed

Allow commonly used passwords

Specifies whether commonly used passwords are allowed. The default value is true.

Valid input

true, false

Example

True

com.aris.umc.password.characters.common.set

Common passwords

Specifies a comma-separated list of common passwords.

Valid input

String

Example

myPassword,myLogin

Expiring passwords

Key

Description

com.aris.umc.password.expiry.active

Activate expiring passwords

Specifies whether passwords are set to be valid only for a specific amount of time. This is defined for a single tenant. Once the password has expired, the user is directed to a Web site enabling the password to be changed. Thereafter, the user is redirected to the application. The default value is false.

Valid input

true, false

Example

False

com.aris.umc.password.expiry.days

Password lifetime

Specifies the period of time in days after which a password expires. This is defined for a single tenant.

Valid input

Integer > 0

Advanced settings

Key

Description

com.aris.umc.password.change.forceAfterReset

Force change after reset

Specifies whether a user must change the password if it was reset (and sent via e-mail). This is defined for a single tenant. The default value is false.

Valid input

true, false

Example

False

com.aris.umc.password.change.forceDifference

Force different password

Specifies whether the new password must differ from the old one. This is defined for a single tenant. The default value is false.

Valid input

true, false

Example

False

com.aris.umc.password.change.forceOnFirstLogin

Force change before first login

Specifies whether a user must change the password upon first login. This is defined for a single tenant. The default value is false.

Valid input

true, false

Example

False

com.aris.umc.password.reset.confirmation.active

Activate reset confirmation

Specifies whether a user must confirm a password reset. The default value is true.

Valid input

true, false

Example

True

com.aris.umc.password.reset.confirmation.ttl

Link lifetime

Specifies the time in minutes during which a user can click the emailed link to confirm the password.

Valid input

Integer > 0

Example

30