From 87c45437a5a78752a6155ba7a7a5d9ee0a605a50 Mon Sep 17 00:00:00 2001 From: mposolda Date: Tue, 21 Nov 2023 17:16:37 +0100 Subject: [PATCH] Release notes for max auth age password policy Signed-off-by: mposolda Co-authored-by: andymunro <48995441+andymunro@users.noreply.github.com> --- docs/documentation/release_notes/topics/23_0_0.adoc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/docs/documentation/release_notes/topics/23_0_0.adoc b/docs/documentation/release_notes/topics/23_0_0.adoc index db57eb4a15..c0a3eeefe5 100644 --- a/docs/documentation/release_notes/topics/23_0_0.adoc +++ b/docs/documentation/release_notes/topics/23_0_0.adoc @@ -76,3 +76,10 @@ See the migration guide for details. Keycloak now features `http-max-queued-requests` option to allow proper rejecting of incoming requests under high load. For details refer to the https://www.keycloak.org/server/configuration-production[production guide]. + += Password policy for specify Maximum authentication time + +Keycloak supports new password policy, which allows to specify the maximum age of an authentication with which a password may be changed by user without re-authentication. +When this password policy is set to 0, the user will be required to re-authenticate to change the password in the Account Console or by other means. +You can also specify a lower or higher value than the default value of 5 minutes. Thanks to https://github.com/thomasdarimont[Thomas Darimont] for the contribution. +