KEYCLOAK-11700 Passwords in the blacklist must be lowercase
parent
351e4c3749
commit
ea248b5601
1 changed files with 3 additions and 2 deletions
|
@ -64,8 +64,9 @@ Not Recently Used::
|
|||
This policy saves a history of previous passwords. The number of old passwords stored is configurable. When a user changes their password
|
||||
they cannot use any stored passwords.
|
||||
Password Blacklist::
|
||||
This policy checks if a given password is contained in a blacklist file, which is potentially a very large file.
|
||||
Password blacklists are UTF-8 plain-text files with Unix line endings where every line represents a blacklisted password.
|
||||
This policy checks if a given password (converted to lowercase) is contained in a blacklist file, which is potentially a very large file).
|
||||
Password blacklists are UTF-8 plain-text files with Unix line endings where every line represents a blacklisted password.
|
||||
All passwords in the blacklist must be lowercased to facilitate case-insensitive comparison.
|
||||
The file name of the blacklist file must be provided as the password policy value, e.g. `10_million_password_list_top_1000000.txt`.
|
||||
Blacklist files are resolved against `${jboss.server.data.dir}/password-blacklists/` by default.
|
||||
This path can be customized via the `keycloak.password.blacklists.path` system property,
|
||||
|
|
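Review bot: The rewritten first sentence under `Password Blacklist::` ends with an unbalanced closing parenthesis ("which is potentially a very large file)."); drop the trailing `)` so that only the "(converted to lowercase)" aside is parenthesised. The added line "All passwords in the blacklist must be lowercased to facilitate case-insensitive comparison." should also state the consequence for administrators: because the submitted password is converted to lowercase before the lookup, a blacklist entry that contains an uppercase character can never match, so an existing list such as the example file has to be lowercased before it is placed in the blacklist directory. Since the files are UTF-8, it would help to say which locale rules the lowercase conversion follows, so that non-ASCII entries can be prepared the same way the policy compares them.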