You can implement a script if additional policies need to be used for checking a password that cannot be mapped with the available settings.
Syntax of check scripts
Public Sub CCC_CustomPwdValidate( policy As VI.DB.Passwords.PasswordPolicy, spwd As System.Security.SecureString)
With parameters:
policy = password policy object
spwd = password to check
TIP: To use a base object, take the Entity property of the PasswordPolicy class.
Example: Script that checks a password
A password cannot start with ? or ! . The password cannot start with three identical characters. The script checks a given password for validity.
Public Sub CCC_PwdValidate( policy As VI.DB.Passwords.PasswordPolicy, spwd As System.Security.SecureString)
Dim pwd = spwd.ToInsecureArray()
If pwd.Length>0
If pwd(0)="?" Or pwd(0)="!"
Throw New Exception(#LD("Password can't start with '?' or '!'")#)
End If
End If
If pwd.Length>2
If pwd(0) = pwd(1) AndAlso pwd(1) = pwd(2)
Throw New Exception(#LD("Invalid character sequence in password")#)
End If
End If
End Sub
To use a custom script for checking a password
-
In the Designer, create your script in the Script Library category.
-
Edit the password policy.
-
In the Manager, select the Custom target systems > Basic configuration data > Password policies category.
-
In the result list, select the password policy.
-
Select the Change main data task.
-
On the Scripts tab, enter the name of the script to be used to check a password in the Check script field.
-
Save the changes.
Related topics
You can implement a generating script if additional policies need to be used for generating a random password, which cannot be mapped with the available settings.
Syntax for generating script
Public Sub CCC_PwdGenerate( policy As VI.DB.Passwords.PasswordPolicy, spwd As System.Security.SecureString)
With parameters:
policy = password policy object
spwd = generated password
TIP: To use a base object, take the Entity property of the PasswordPolicy class.
Example: Script that generates a password
In random passwords, this script replaces the invalid characters ? and ! at the beginning of a password with _.
Public Sub CCC_PwdGenerate( policy As VI.DB.Passwords.PasswordPolicy, spwd As System.Security.SecureString)
Dim pwd = spwd.ToInsecureArray()
' replace invalid characters at first position
If pwd.Length>0
If pwd(0)="?" Or pwd(0)="!"
spwd.SetAt(0, CChar("_"))
End If
End If
End Sub
To use a custom script for generating a password
-
In the Designer, create your script in the Script Library category.
-
Edit the password policy.
-
In the Manager, select the Custom target systems > Basic configuration data > Password policies category.
-
In the result list, select the password policy.
-
Select the Change main data task.
-
On the Scripts tab, enter the name of the script to be used to generate a password in the Generating script field.
-
Save the changes.
Related topics
You can add words to a list of restricted terms to prohibit them from being used in passwords.
NOTE: The restricted list applies globally to all password policies.
To add a term to the restricted list
-
In the Designer, select the Base data > Security settings > Password policies category.
-
Create a new entry with the Object > New menu item and enter the term you want to exclude from the list.
-
Save the changes.
When you verify a password, all the password policy settings, custom scripts, and the restricted passwords are taken into account.
To verify if a password conforms to the password policy
-
In the Manager, select the Custom target systems > Basic configuration data > Password policies category.
-
In the result list, select the password policy.
-
Select the Change main data task.
-
Select the Test tab.
-
Select the table and object to be tested in Base object for test.
-
Enter a password in Enter password to test.
A display next to the password shows whether it is valid or not.
