When configured in a security realm, the Password Validation provider is automatically invoked by a supported authentication provider whenever a password is created or updated for a user in that realm. The Password Validation provider then performs a check to determine whether the password meets the criteria established by the composition rules, and the password is accepted or rejected as appropriate.
The password composition rules you can configure for the Password Validation provider include the following:
Note: By default, the Default Authentication provider requires a minimum password length of 8 characters. However, the minimum password length enforced by the Default Authentication provider can be customized. In either case, if the Default Authentication provider and Password Validation provider are both configured in the security realm, and you attempt to create a password that does not meet the minimum length enforced by the Default Authentication provider, an error is generated.
For complete details about each rule you can configure with the Password Validation provider, see Configuration Options.
The Password Validation Providers table lists the Password Validation providers configured in this security realm.
The Create a New Password Validation Provider page appears.