Password Management (v7.7.0 and above)

From Elixir Repertoire Server 7.7.0 and above, password policy is introduced to enhance the security.

You can change the password policy from \RepertoireServer\config\ERS2.xml:

<!-- Password Policy (optional) -->
<ers:mbean name="ERS2:name=PasswordPolicy" class="com.elixirtech.ers2.security.PasswordPolicy">
<ers:property name="MinLength">4</ers:property>
<ers:property name="MaxLength">10</ers:property>
<ers:property name="MustHaveDigit">true</ers:property>
<ers:property name="MustHaveUpperCase">true</ers:property>
<ers:property name="MustHaveLowerCase">true</ers:property>
<ers:property name="MustHaveSymbolSet">!@$%</ers:property>
<ers:property name="MustNotHaveSymbolSet">\/|</ers:property>
<ers:property name="NotSameAsLogon">true</ers:property>
<ers:property name="PasswordMaxExpiresDays">90</ers:property>
<ers:property name="DifferentPasswordCount">2</ers:property>
<ers:property name="RetryAttemptLockoutCount">5</ers:property>
<ers:property name="RetryAttemptDelaySecs">5</ers:property>
<ers:property name="RetryAttemptDelayMultiplier">2</ers:property>
</ers:mbean>

Please note that for MustHaveSymbolSet and MustNotHaveSymbolSet '<', '>' and '&'(without single quote) symbol are not allowed as they are part of the xml syntax.

Workaround: Use <![CDATA[<>&]]> to put <, > and &
Example:
<ers: property name="MustHaveSymbolSet"><![CDATA[!@#$%^*()<>&]]></ers: property>