Uploaded image for project: 'mod-login'
  1. mod-login
  2. MODLOGIN-38

Technical Design: Local Password Rules Parameters/Configuration



    • Story
    • Status: Closed (View Workflow)
    • P3
    • Resolution: Done
    • None
    • None
    • EPAM Sprint 1, EPAM Sprint 2
    • 5
    • Folijet
    • Large < 10 days
    • Depends on where configuration lies. Tenant level may represent default configuration and in a future release, will support the ability for tenants to make updates via UI.
    • Medium < 5 days


      As a Folio System Administrator
      I want to enforce strong local password rules
      So that the ability for someone to illegally access or brute force attack Folio is minimized.


      • Implementation needs to be flexible to make global password requirement updates (e.g. minimum requirement)
      • Implementation need to be flexible to support tenant level password requirement updates based on an institution's requirements.
      • For users that had access when no password rules were implemented, ensure that have access as long as status = active.
        • if the status changed from inactive to active then force the user to comply with current password requirements.
        • Otherwise all new users must comply with new rules

      Valid password requirement rules

      • Has a minimum 8 characters (frontend)
      • Contains both lowercase and uppercase letters (frontend)
      • Contains at least one numeric character (frontend)
      • Contains at least one special character (frontend)
      • Is not your username (backend)
      • Is not on the bad passwords list(s) (UIU-509) (frontend)
      • Cannot be a word in a TBD dictionary (UIU-509) (frontend)
      • Is not a keyboard sequence (ex. 123456) (frontend)
      • Is not the same character (ex. BBBBBBB) (frontend)
      • Is not one of the last 10 previously used password (UIU-510) (backend)

      TestRail: Results


          Issue Links



                kgambrell Khalilah Gambrell
                kgambrell Khalilah Gambrell
                0 Vote for this issue
                7 Start watching this issue



                  TestRail: Runs

                    TestRail: Cases