Restricting the users from using First Name or Last Name in their password
search cancel

Restricting the users from using First Name or Last Name in their password


Article ID: 14336


Updated On:


CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On


How to restrict users from using the Last Name or First Name in their password


Release: CAIDMB99000-12.6.8-Identity Manager-B to B


There is no option to get this done using a password policy. However one can use the below validation script on the task level.

Modify Task -> Change My Password  -> Tab -> Profile -> ChangeMyProfile Screen ->Validation JavaScript

function validate(ScreenContext, errorMessage) {
 var adminDN = ScreenContext.getAdminUniqueName();
 var up = ScreenContext.getUserProvider();
 var adminUser = up.findUser(adminDN,null);
 var currentfirstName = String(adminUser.getAttribute("givenName")).toLowerCase();
 var currentLastName = String(adminUser.getAttribute("sn")).toLowerCase();
 var enteredPassword = String(ScreenContext.getFieldValue("Password")).toLowerCase();
 var isFNpresent = enteredPassword.indexOf(currentfirstName);
 var isLNpresent = enteredPassword.indexOf(currentLastName);
 if (isFNpresent == -1 && isLNpresent == -1){
  return true;
  errorMessage.reference="Password should not contain First Or Last Name";
 return false;