Skip to Content

Password generation via self-service password reset

Hi Experts,

IDM 7.2 SP9

I'm implementing self service password reset with auto password generation (instead of "ask the user" option) in the 3rd step.

My backend SAP system has password policy that password should have at least one special character.

How can I enforce that IDM always includes a special character in password?

I see we have option for Mixed case characters and Mixed letters and numbers but not for special characters.

I tried using regex

^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\Q!"@$%&/()=?'`*+~#-_.,;:{[]}\<>\E]).{10,15}$

still there were few cases IDM created password without special character and password hook task failed.

Please help.

Regards,

Jai

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • May 09, 2017 at 10:12 AM

    Hi Jai,

    if you don't mind using third party code, Foxysoft's SAP IDM connector for BusinessObjects contains a script that can help you with this. fx_generatePolicyPassword takes into consideration all the standard SAP IDM password policy settings, plus it can be customized by a number of global constants, such as FX_PASSWORD_INCLUDE_SPECIALS. Simply set this constant to the list of valid special characters as per your backend's requirements.

    If the constant is non-empty, the script will enforce that each generated password includes at least one of them.

    Hope that helps,

    Lambert

    Add comment
    10|10000 characters needed characters exceeded