Enhanced User Security (4.3)
For Usage Engine Private Edition, the Enhanced User Security property security.password.control.enabled
 is set to true
by default in values.yaml
.
security:
password:
control:
## Set this to true to enforce stricter password requirements and mandate a password change upon the first login.
enabled: true
Maintaining the default value will deploy the Platform pod with Enhanced User Security enabled.
A new user is required to change the password during their first login. If an admin should reset the password for a user, the user will also be required to change password when they re-login.
Password Rules
If enhanced user security is enabled, the default password rules are:
The password must:
Be at least eight characters long.
Include at least one special character and one that is either a number or capital letter.
The password must not:
Contain more than two identical characters in an uninterrupted sequence. Such as "aaa".
Include the username.
Be in alphabetical sequence, such as Abcd.
Be in numerical sequence, such as 1234.
Be in any US keyboard pattern, such as Qwerty.
Contain any whitespace.
Be identical to any of the recent twelve (minimum) passwords used for the user ID.
Info!
Repetitive characters that are not consecutively sequenced are still valid. Such as "adadad".
Other Password Rules
If you have a custom password policy that you will want to include with the default policies listed above, you can modify or add new password rules with the Platform Properties(4.3).