How to set password policy for AEM Users

Hello Everyone,

In my recent AEM project, Adobe was the one who was handling servers and one day

when I was trying to create users in AEM via classic UI, so there was no error while

creating users but when i search for that particular user, i could not able to find the user.

I raised this issue to Adobe and got to know that they have made a configuration

for password constraint and while making users we need to follow that constraint.

Now the question is where Adobe defined the constant for password policy and is

it a good thing to do?

There is one OSGi Configuration in Felix console which is “Apache Jackrabbit

Oak Authorizable ActionProvider”.

Fig:Apache Jackrabbit Oak Authorizable ActionProvider

In this configuration enable the “PasswordValidationAction” in the “Authorizable Actions”

and add the regex in "Configure PasswordValidationAction:Password Constraint".

The ideal constraint defined by adobe is :

(?\=.*\\d.*)(?\=.*[a-z].*)(?\=.*[A-Z].*)(?\=.*[@#%\\*\\-+\=~\\[\\]{}<>\\?].*).{12,}

Which means at least 12 characters,one uppercase,one lowercase, one digit and

one special character.

But it’s completely your choice which regex value you want to configure.

In AEM, by default we can assign any password to a user. But we can restrict

this and force users to strict password validation rule to increase more security

for the users so that nobody can create users with simple passwords and accounts

can be hacked easily.

Note :If you face a similar issue, then yes in classic UI this is an AEM (I checked in 6.5)

issue that it doesn’t show any error if you don't follow the policy but in touch UI,

it shows the error notification.

Note: If your servers are not being handled by adobe but by yourself, it is always

recommended to enable the password constraints for the servers.

Hope it will help you guys !!

Thanks and Happy Learning.