Wednesday, October 16, 2019

How to set password policy for AEM Users

Hello Everyone,

In my recent AEM project, Adobe was handling the servers. One day, when I was
trying to create users in AEM via the classic UI, there was no error while creating
the users, but when I searched for a particular user, I was not able to find it.

I raised this issue with Adobe and got to know that they had made a configuration
for a password constraint, and that we need to follow that constraint when creating users.

Now the question is: where did Adobe define the constraint for the password policy,
and is it a good thing to do?

There is an OSGi configuration in the Felix console called “Apache Jackrabbit
Oak Authorizable ActionProvider”.
Fig: Apache Jackrabbit Oak Authorizable ActionProvider

In this configuration, enable “PasswordValidationAction” under “Authorizable Actions”
and add the regex under "Configure PasswordValidationAction: Password Constraint".
The ideal constraint defined by Adobe is:
(?\=.*\\d.*)(?\=.*[a-z].*)(?\=.*[A-Z].*)(?\=.*[@#%\\*\\-+\=~\\[\\]{}<>\\?].*).{12,}
This means at least 12 characters, one uppercase letter, one lowercase letter,
one digit and one special character.

But which regex value you configure is completely your choice.
By default, AEM lets us assign any password to a user. We can restrict this
and force users to follow a strict password validation rule. This increases security
for the users, because nobody can create users with simple passwords that let
accounts be hacked easily.
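
A way to pre-check passwords against the constraint quoted above before creating users, which matters because the classic UI rejects them silently. This is an added example, not code from the original post or from Adobe. It assumes that the backslashes in the printed value are one level of config-file escaping and that the pattern must match the whole password; the names unescape_config_value and check_password are hypothetical and the sample passwords are constructed.

```python
import re

# Constraint exactly as printed in the post (escaped form).
PRINTED = r"(?\=.*\\d.*)(?\=.*[a-z].*)(?\=.*[A-Z].*)(?\=.*[@#%\\*\\-+\=~\\[\\]{}<>\\?].*).{12,}"

def unescape_config_value(value):
    """Assumption: remove one level of backslash escaping ('\\=' -> '=')."""
    return re.sub(r"\\(.)", lambda m: m.group(1), value)

CONSTRAINT = re.compile(unescape_config_value(PRINTED))

# The same requirements split out, so a rejection can be explained.
RULES = [
    ("digit", r"\d"),
    ("lowercase letter", r"[a-z]"),
    ("uppercase letter", r"[A-Z]"),
    ("special character from @#%*-+=~[]{}<>?", r"[@#%*\-+=~\[\]{}<>?]"),
    ("at least 12 characters", r"\A.{12,}\Z"),
]

def check_password(password):
    """Return (accepted, unmet_rules); whole-string matching is an assumption."""
    accepted = CONSTRAINT.fullmatch(password) is not None
    unmet = [name for name, rx in RULES if not re.search(rx, password)]
    return accepted, unmet

if __name__ == "__main__":
    # Constructed sample passwords, not taken from any real system.
    for candidate in ["Summer2019", "Welcome2019!", "Welcome2019#", "alllowercase#123"]:
        accepted, unmet = check_password(candidate)
        print(f"{candidate!r}: {'ok' if accepted else 'rejected'} {unmet}")
```

Note that the special-character class is a fixed list, so a password whose only symbol is "!" or "$" fails the constraint even though it looks complex.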

Note: If you face a similar issue, then yes, this is an AEM issue in the classic UI
(I checked in 6.5): it doesn’t show any error if you don't follow the policy, whereas
the touch UI shows an error notification.
Note: If your servers are handled by you rather than by Adobe, it is always
recommended to enable the password constraints for the servers.

Hope it will help you guys !!
Thanks and Happy Learning.
