Dear CA SSO-Team,

we want to strengthen the security of our CA IDM / CA SSO environment by introducing advanced password policies.

 

We want to utilize a dictionary of real world passwords previously exposed in data breaches. These real exposed passwords are supplied by https://haveibeenpwned.com/Passwords as a ZIP file containing the SHA-1 hashes of passwords.

 

Which ways exist to implement this in CA IDM and/or CA SSO?

 

In additon we want to exclude some characters like underscores “_” and colons “:” in passwords.

 

Kind regards,

Gottfried


Source: New feed
{pubDate}

Leave a Reply

Your email address will not be published. Required fields are marked *