Spotfire Ideas Portal
Please add functionality to enforce password policy when using spotfire database authentication, e.g. for a password of spotfire account:
(1) minimum length
(2) complexity
(3) can not use used password
(4) expire after xx days
(5) user must change password on next time logine
(6) lock account after x login retries
(7) forbidden password be the same as user name
etc.
Thanks.
Hi Miguel,
Thank you for your reply.
I have told customer that he can utilize LDAP to achieve this. However he is still expecting Spotfire can provide this functionality for Database Authentication.
Thanks.
Hi Wei,
Usually authentication is delegated to an external application or service (i.e.: using LDAP, OIDC, NTLM, JAAS, etc).
Therefore, it is the responsibility of that external specialized authentication application or service to handle password policies, and not something we would expect to be handled within the Spotfire platform.
For more information you may check https://docs.tibco.com/pub/spotfire_server/latest/doc/html/TIB_sfire_server_tsas_admin_help/server/topics/single_sign-on_authentication_methods.html.
Thanks