Base solution for your next web application
Ends in:
01 DAYS
01 HRS
01 MIN
01 SEC
Open Closed

Password attributes - Feature Request #5955


User avatar
0
edarib created

Add the following secure password attributes:

Not be the same as the Userid

Expire within a maximum of xx calendar days

Not be identical to the previous ten (10) passwords

Has somebody implemented similar features?

Thanks,

Ed


2 Answer(s)
  • User Avatar
    0
    maliming created
    Support Team

    Not be the same as the Userid

    You can use custom-validation

    Expire within a maximum of xx calendar days

    You can add a password expiration field to the User entity and then judge it in the relevant code.

    Not be identical to the previous ten (10) passwords

    You can use a table to record the user's historical password. Or use EF Owned Entity Types

  • User Avatar
    0
    ryancyq created
    Support Team

    Hi @ebarib i haven't tried on this yet. However you can try the approach of custom password validator in asp.net core identity .

    see https://andrewlock.net/creating-custom-password-validators-for-asp-net-core-identity-2/