What options do I have to modify this tag in web.config?
<passwordPolicy lockoutCount="-1" lockoutSeconds="300" expirePeriodInDays="-1" complexityRule="false" lengthRule="false" />
Litium version: 6
What options do I have to modify this tag in web.config?
<passwordPolicy lockoutCount="-1" lockoutSeconds="300" expirePeriodInDays="-1" complexityRule="false" lengthRule="false" />
Litium version: 6
The following options are avaliable:
I just tried this in a solution implemented in Litium 7.2.0 and the only attribute that seems to work is RequiredLength
.
This is my config:
<passwordPolicy lockoutCount="-1" lockoutSeconds="300" expirePeriodInDays="-1" complexityRule="false" lengthRule="true" RequireUppercase="true" RequreLowercase="true" RequireDigit="true" RequireNonLetterOrDigit="false" requiredLength="6" />
But I can choosse a password with e.g. just lowerCase chars. Is my config correct?
It looks correct, please submit this as a bug report. Se correct answer below
Itās not a bug.
In the web.config-section you canāt set all the options and instead you need to use the appSettings key/value with the options that you have in the solution-answer if you want to make more fine-granted changes.
To clarify a bit after investigationā¦
In the passwordPolicy
-element in web.config you can only define the values already there:
<passwordPolicy lockoutCount="-1" lockoutSeconds="300" expirePeriodInDays="-1" complexityRule="false" lengthRule="false" />
Details on these options can be found on docs (see the password policy section).
The passwordPolicy
element settings are then used by Litium to set values to the following options:
Litium:PasswordPolicy:LockoutCount (int)
Litium:PasswordPolicy:LockoutSeconds (int)
Litium:PasswordPolicy:RequireUppercase (bool)
Litium:PasswordPolicy:RequireDigit (bool)
Litium:PasswordPolicy:RequireLowercase (bool)
Litium:PasswordPolicy:RequireNonLetterOrDigit (bool)
Litium:PasswordPolicy:RequiredLength (int)
RequireNonLetterOrDigit, RequireDigit, RequireLowercase, RequireUppercase
RequiredLength
is set to 6And IF you need to be more granular in your setup, for example require a password to be at least 10 characters, you can add the specific option as an appSetting in Web.config:
<appSettings>
<add key="Litium:PasswordPolicy:RequiredLength" value="10" />
...
Thank you both of you for ur answers.
@marten the correct key for lower case is Litium:PasswordPolicy:RequireLowercase
, it is missing an āiā in your answer