This topic has 2 replies, 3 voices, and was last updated 5 years, 5 months ago by 
.
-
Posts
-
Hi, We want to maintain a file which contains the list of bad passwords that we don’t want our customers to choose. Is there a way to achieve this in OpenDJ? This is not the password history related one which is specific to customer. But this Restricted list should apply basically to all DJ users.
Any help here will be appreciated.
Thanks,
Anji.Hi,
Yes, OpenDJ has password validators that can be configured and enabled in password policies. One of them checks against a file (
wordlist.txt). It’s name isdn: cn=Dictionary,cn=Password Validators,cn=config, and it’s disabled by default. You can change the file it checks against.I’ve been doing some research on lists of bad passwords and have started to build a file with about 35 000 bad passwords (either bad practice or known to be heavily used). If possible, I’d be interested in comparing such bad password files and replace the default OpenDJ wordlist with one of these files.
@anji-yallacapitalone-com though not the specific use case that you’ve asked, I do have a screen-cast that talks about configuring Password Validators in OpenDJ. It’s based on the ForgeRock OpenDJ documentation and might give you some hints for your specific requirement:
You must be logged in to reply to this topic.
