Password Policy Creation in v6.10.3

Hi, I have requirement for password and log-in session as below, Minimum length: 8 characters Complexity: Must contain at least three of the following four characters: number, uppercase letter, lowercase letter, printable special character History (reuse): > 6 passwords Expiration: For all end-user accounts <= 90 days; privileged user accounts, including system administrators, 30 days; service account passwords must be changed at least annually Failed login attempts: <= 6 attempts Account lockout: Accounts must remain in locked status until manually unlocked by an administrator Inactive application user sessions must be shut down after a defined period of inactivity – not to exceed 30 minutes. For systems that are subject to compliance with the PCI DSS, re-authentication is required when a session is idle for more than 15 minutes.   Can someone suggest some good ways to implement these security check points for password and log-in session? Thank you.
1 answers

Hi Souyma,

Here are some resources to get your started. In the future, instead of pasting your requirements here, please do some research yourself on Google, the Mendix Forum, and the Mendix App Store before posting here on the forum. Then let us know about what you've already done to attempt to solve the problem yourself. You're much more likely to get great help when you've shown some effort.


Please review these and then post a new specific question if you get stuck somewhere.