Restricting the users from using First Name or Last Name in their password

book

Article ID: 14336

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On

Issue/Introduction



How to restrict users from using the Last Name or First Name in their password

Environment

Release: CAIDMB99000-12.6.8-Identity Manager-B to B
Component:

Resolution

There is no option to get this done using a password policy. However one can use the below validation script on the task level.

Modify Task -> Change My Password  -> Tab -> Profile -> ChangeMyProfile Screen ->Validation JavaScript

---------------------
function validate(ScreenContext, errorMessage) {
 var adminDN = ScreenContext.getAdminUniqueName();
 var up = ScreenContext.getUserProvider();
 var adminUser = up.findUser(adminDN,null);
 var currentfirstName = String(adminUser.getAttribute("givenName")).toLowerCase();
 var currentLastName = String(adminUser.getAttribute("sn")).toLowerCase();
 var enteredPassword = String(ScreenContext.getFieldValue("Password")).toLowerCase();
 var isFNpresent = enteredPassword.indexOf(currentfirstName);
 var isLNpresent = enteredPassword.indexOf(currentLastName);
 if (isFNpresent == -1 && isLNpresent == -1){
  return true;
 }else{
  errorMessage.reference="Password should not contain First Or Last Name";
 return false;
 }
}
----------------------