Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-79564

Password Policy to Reject Passwords that Match Emails and Screen Names

    Details

    • Priority Level:
      Low

      Description

      Description:
      Some users would find it beneficial to have an additional Password Policy option which Rejects the users password if it matches their username or email address. This would discourage users from creating insecure passwords.

      The following scenario illustrates the current behavior:

      1. Startup Liferay DXP
      2. Navigate to
        Left Navigation Menu → Control Panel → Users → Password Policies
      3. Edit Default Password Policy or create new Password Policy

      Note that the available options do not include a way to prevent users from simply copying their username or email address as their password.

      End Goal:
      Add an option under the Password Policy to prevent the username and email address from being used as the password.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              support-lep@liferay.com SE Support
              Reporter:
              justin.bowman Justin Bowman
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:

                  Packages

                  Version Package