authelia/docs/configuration/password_policy.md
Manuel Nuñez 8659ba394d
feat(authentication): password policy (#2723)
Implement a password policy with visual feedback in the web portal.

Co-authored-by: Manuel Nuñez <@mind-ar>
Co-authored-by: James Elliott <james-d-elliott@users.noreply.github.com>
2022-04-03 08:32:57 +10:00

layout: default
title: Password Policy
parent: Configuration
nav_order: 17

Password Policy

Authelia allows administrators to configure an enforced password policy.

Configuration

password_policy:
  standard:
    enabled: false 
    min_length: 8
    max_length: 0
    require_uppercase: true
    require_lowercase: true
    require_number: true
    require_special: true
  zxcvbn:
    enabled: false

Options

standard

type: list, required: no

This section allows you to enable standard security policies.

enabled

type: bool, required: no

Enables the standard password policy.

min_length

type: integer, required: no

Determines the minimum allowed password length.

max_length

type: integer, required: no

Determines the maximum allowed password length.

require_uppercase

type: bool, required: no

Requires the password to contain at least one UPPERCASE letter.

require_lowercase

type: bool, required: no

Requires the password to contain at least one lowercase letter.

require_number

type: bool, required: no

Requires the password to contain at least one number.

require_special

type: bool, required: no

Requires the password to contain at least one special character.
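The following Go sketch shows which rules a candidate password breaks under the standard options above. It is an added example, not Authelia's own code. It assumes that length is counted in Unicode code points, that max_length: 0 means no upper bound, and that a special character is any character that is neither a letter nor a digit; the type, field and function names are hypothetical.

```go
package main

import (
	"fmt"
	"unicode"
	"unicode/utf8"
)

// StandardPolicy mirrors the keys under password_policy.standard.
type StandardPolicy struct {
	Enabled                       bool
	MinLength, MaxLength          int
	Upper, Lower, Number, Special bool // the four require_* keys
}

// Violations returns the config keys a password breaks. Assumed, not from the page: length in
// code points, max_length 0 = no upper bound, "special" = rune that is neither letter nor digit.
func Violations(p StandardPolicy, password string) (v []string) {
	if !p.Enabled {
		return nil
	}
	n := utf8.RuneCountInString(password)
	if n < p.MinLength {
		v = append(v, "min_length")
	}
	if p.MaxLength > 0 && n > p.MaxLength {
		v = append(v, "max_length")
	}
	keys := [4]string{"require_uppercase", "require_lowercase", "require_number", "require_special"}
	need, seen := [4]bool{p.Upper, p.Lower, p.Number, p.Special}, [4]bool{}
	for _, r := range password {
		digit := unicode.IsDigit(r)
		seen[0], seen[1] = seen[0] || unicode.IsUpper(r), seen[1] || unicode.IsLower(r)
		seen[2], seen[3] = seen[2] || digit, seen[3] || !(digit || unicode.IsLetter(r))
	}
	for i, key := range keys {
		if need[i] && !seen[i] {
			v = append(v, key)
		}
	}
	return v
}

func main() {
	p := StandardPolicy{Enabled: true, MinLength: 8, Upper: true, Lower: true, Number: true, Special: true}
	for _, pw := range []string{"correcthorse", "Ab1!", "Tr0ub4dor&3x"} { // constructed samples
		fmt.Printf("%-14q %v\n", pw, Violations(p, pw))
	}
}
```

With the page's sample values and enabled set to true, a 12-character lowercase passphrase is rejected on three composition rules, while a 4-character password that satisfies every character class fails only on min_length.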

zxcvbn

This password policy enables advanced password strength metering, using Dropbox's zxcvbn package.

Note that this password policy does not restrict the user's entry; it only warns the user if their password is too weak.

enabled

type: bool, required: no

Enables the zxcvbn password policy.

Note:

  • Only one password policy can be applied at a time.