Overview#

TODO: Consider changing the syntax to OID. Each OID will list a quality rule (like min len, # of special characters, etc). These rules can be specified outside this document.

TODO: Note that even though this is meant to be a check that happens during password modification, it may also be allowed to happen during authN. This is useful for situations where the password is encrypted when modified, but decrypted when used to authN.

PwdCheckQuality attribute indicates how the password quality will be verified while being modified or added. If this attribute is not present, or if the value is '0', quality checking will not be enforced. A value of '1' indicates that the server will check the quality, and if the server is unable to check it (due to a hashed password or other reasons) it will be accepted. A value of '2' indicates that the server will check the quality, and if the server is unable to verify it, it will return an error refusing the password.

( 1.3.6.1.4.1.42.2.27.8.1.5
    NAME 'pwdCheckQuality'
    EQUALITY integerMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
    SINGLE-VALUE 
)

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.
« This page (revision-2) was last changed on 31-Jan-2014 21:42 by jim