Set de following config keys:
- password.restriction=RELAX
- password.restriction.minLength=4
- password.restriction.mustNotMatchUsername=FALSE
- password.restriction.forbiddenValue=
- password.restriction.strength=VERY_WEAK
# Valid values: RELAX, WARN or REJECT # RELAX : Don't perform any strength checks on the password in both interactive and non-interactive mode # WARN : Display a message about the strength of the password. Ask confirmation if the password is weak in interactive mode # REJECT : Display a message about the strength of the password (if the password is weak, the user is not created). # Ask confirmation if the password is weak in interactive mode password.restriction=RELAX # Password minimum length password.restriction.minLength=4 # Password must contains at least one alpha password.restriction.minAlpha=1 # Password must contains at least one digit password.restriction.minDigit=1 # Password must contains at least one symbol password.restriction.minSymbol=1 # Password must not match the username. Valid values: TRUE or FALSE. password.restriction.mustNotMatchUsername=FALSE # Comma separated list of forbidden passwords (easily guessable) password.restriction.forbiddenValue= # Password strength. Valid values: VERY_WEAK, WEAK, MODERATE, MEDIUM, STRONG, VERY_STRONG or EXCEPTIONAL. # If not present, it defaults to "MODERATE" password.restriction.strength=VERY_WEAK # Class of password strength checker. # If not present, utility will revert to default implementation password.restriction.checker=org.jboss.as.domain.management.security.password.simple.SimplePasswordStrengthChecker
A dream come true for lazy (and bad memory) developers.
No hay comentarios:
Publicar un comentario