Custom Password Policy

The Sterling B2B Integrator Custom Password Policy is a security feature that adds more password policy rules. These additional password rules can help you prevent the use of weak, easily-hacked passwords and reject non-compliant passwords.

To enable this functionality, you need to:
  • Implement some custom Java code via a plug-point. Once enabled, the plug-point is used for all users in the system associated with a password policy (this is a global setting).
  • Add the passwordPolicyExtensionImpl property to the customer_overrides.properties file.
  • Apply the custom password policy to User Accounts.

The custom password policy extension is applied prior to the default password policy. If a password violates more than one policy requirement (one enforced by the extension class and another enforced by the default implementation) only the error message returned from the extension class is displayed to the user.