January 20, 2017 at 5:35 pm #15459[email protected]Participant
Hi, We want to maintain a file which contains the list of bad passwords that we don’t want our customers to choose. Is there a way to achieve this in OpenDJ? This is not the password history related one which is specific to customer. But this Restricted list should apply basically to all DJ users.
Any help here will be appreciated.
Anji.January 20, 2017 at 5:50 pm #15460LudoModerator
Yes, OpenDJ has password validators that can be configured and enabled in password policies. One of them checks against a file (
wordlist.txt). It’s name is
dn: cn=Dictionary,cn=Password Validators,cn=config, and it’s disabled by default. You can change the file it checks against.
I’ve been doing some research on lists of bad passwords and have started to build a file with about 35 000 bad passwords (either bad practice or known to be heavily used). If possible, I’d be interested in comparing such bad password files and replace the default OpenDJ wordlist with one of these files.
January 23, 2017 at 8:43 am #15472Rajesh RParticipant
- This reply was modified 5 years, 5 months ago by Ludo.
@anji-yallacapitalone-com though not the specific use case that you’ve asked, I do have a screen-cast that talks about configuring Password Validators in OpenDJ. It’s based on the ForgeRock OpenDJ documentation and might give you some hints for your specific requirement:
You must be logged in to reply to this topic.