This topic has 4 replies, 3 voices, and was last updated 4 years, 10 months ago by Andy Cory.

  • Author
  • #18964

    Hello Everyone,

    I have been looking for any confirmation if the Open Suite of tools supports a password blacklist to prevent users having a password of the right complexity, but still easy to guess.
    E.G Password123 – Uppercase, lowercase, numericals and over the required length.

    I cannot find any mention or queries of this.

    Any thoughts?

     Andy Cory

    The best way to achieve this is likely to be with a custom password validator, which is a Java class that extends the default PasswordValidator. In this class you can code whatever behaviour you want, including checking against a password blacklist. There is some info on custom validators here ->

     Andy Cory

    I should have said this is in OpenDJ rather than OpenAM!

     Brad Tumy
     Andy Cory

    Thanks @brad-tumy, even better than there’s an out of the box solution – I’d missed that.

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?