Related Liferay Password Policy topics:
- Setting password syntax in Liferay
- Enable Liferay password expiration
- Enable Liferay password lockout
- Assign members to a password policy
- Setting password syntax in Liferay
- Enable Liferay password expiration
- Enable Liferay password lockout
- Assign members to a password policy
Password expiration is a security consideration to force a user to change his/her password for a pre-defined duration.
eg, if the password expiration is 1 year, a user registered on 1st Jan 2013 must change his/her password on 1st Jan 2014.
The password expiration policy is built-in in Liferay but disabled by default.
From security perspective, a production Liferay portal should enable the built-in password expiration.
and below are the steps.
Steps to enable Liferay password expiration:
1. Login as Administrator2. Navigate to Liferay Password Policies
Go to > Control Panel > Portal > Password Policies
3. Click on Default Password Policy
4. Setting password expiration
a) Scroll down to the Password Expiration section
b) check the Expiration enabled checkbox
c) set Maximum Age
d) set Warning Time
e) set Grace Limit
5. Click Save.
Done!!
No comments:
Post a Comment