Password Policy

UDMG implements a comprehensive global password policy that is configured through the system's Configuration File. The Configuration File has predefined defaults that Admins can modify as needed.

The password settings help enforce stronger security by ensuring passwords meet certain complexity criteria.

The policy is enforced across all Domains and applies to three password fields on both creation and update:

Users with Standard login method
Accounts with Standard login method
Initial Domain Admins of Secondary Domains

The password policy configuration is defined within the security.password block in the udmg-server.hcl Configuration File. The UDMG Server must be restarted after the Configuration File is changed.

info

Passwords cannot exceed 72 characters in length, as they are limited to 72 bytes due to the hashing algorithm.

Example Configuration

udmg-server.hcl
security {
    password {
        min_length     = 10
        min_upper_case = 1
        min_lower_case = 1
        min_numbers    = 1
        min_symbols    = 1
    }
}

Parameters

All parameters are located within the security.password block of the Configuration File.

HCL Argument Name	Description	Value Type	Default Value
`security.password.min_length`	Minimum password length (in characters). warning Maximum allowed value is `72`, as passwords are limited to 72 bytes due to the hashing algorithm. Any value over this limit will cause an error.	`number`	`8`
`security.password.min_upper_case`	Minimum number of uppercase characters in password.	`number`	`1`
`security.password.min_lower_case`	Minimum number of lowercase characters in password.	`number`	`1`
`security.password.min_numbers`	Minimum number of numbers in password.	`number`	`1`
`security.password.min_symbols`	Minimum number of symbols in password.	`number`	`1`

Example Configuration​

Parameters​

Example Configuration

Parameters