In the applications you develop with Kuika, you can manage the process of users creating strong passwords, protecting these passwords and determining the frequency of renewal through Password Policy. This tutorial covers the steps to add a password policy and configure its settings.
Adding a Password Policy to an Application
Log in to the Kuika platform.
Select the project you will work on from the Apps screen.
Click the Configuration Manager module from the left menu.
Enter a name for the configuration and click the CREATE button.
Go to the App Settings tab.
In the Authentication & Authorization section, click on the drop-down menu titled Password Policy.
The password policies you have already created are listed.
Click ADD NEW to create a new password policy.
Password Policy Settings
Password policies can be customized according to the security needs of your application.
Configuring the Password Policy Settings Module
Policy Name: Enter the identifying name of the policy.
Characters and Size
Specify the characters that can or cannot be used in the password.
Define the minimum and maximum password length.
Password Requirements (Must Contains)
Select the properties the password should contain:
Lowercase (a-z)
Uppercase (A-Z)
Numeric value (0-9)
Special characters (e.g. !, @, #)
Specify the minimum number of characters and any special characters required.
Must NOT Contain Password
Determine what the password should not contain:
Specific words (e.g. admin, password)
Consecutive numbers or repeated letters (e.g. 1234, aaaa)
Personal information of the user, such as name, surname or date of birth
Password Length
Enter the minimum and maximum character lengths.
Account Locking and Duration Settings (Locking)
Password Expiration: Set the number of days the password will be valid and set how many days before it expires to notify the user.
Account Lockout: Set the maximum number of failed logins and define how long the account will be locked when this number is reached.
CAPTCHA Settings: Set the number of entries for which CAPTCHA will be activated after an incorrect login attempt.
Last Passwords
Set whether the user can reuse their previous passwords.
Define how many passwords used in the past the new password cannot resemble.
With these settings, you can increase the security standards of your application by enabling your users to create strong and secure passwords.