Password policy
This document provides guidelines for configuring the password policy in CloudBeaver. Administrators can define rules for user passwords to enhance security and comply with organizational requirements. These settings, applied globally, ensure passwords meet the specified standards during creation and update processes.
For more details on configuration, see the CloudBeaver server configuration.
The Password Policy configuration is located under the server.sm section of
the main server configuration file.
sm: {
enableBruteForceProtection: "${CLOUDBEAVER_BRUTE_FORCE_PROTECTION_ENABLED:true}",
expiredAuthAttemptInfoTtl: "${CLOUDBEAVER_EXPIRED_AUTH_ATTEMPT_INFO_TTL:60}",
maxFailedLogin: "${CLOUDBEAVER_MAX_FAILED_LOGINS:10}",
minimumLoginTimeout: "${CLOUDBEAVER_MINIMUM_LOGIN_TIMEOUT:1}",
blockLoginPeriod: "${CLOUDBEAVER_BLOCK_PERIOD:300}",
passwordPolicy: {
minLength: "${CLOUDBEAVER_POLICY_MIN_LENGTH:8}",
requireMixedCase: "${CLOUDBEAVER_POLICY_REQUIRE_MIXED_CASE:true}",
minNumberCount: "${CLOUDBEAVER_POLICY_MIN_NUMBER_COUNT:1}",
minSymbolCount: "${CLOUDBEAVER_POLICY_MIN_SYMBOL_COUNT:0}"
}
}| Name | Environment Variable | Description |
|---|---|---|
minLength |
CLOUDBEAVER_POLICY_MIN_LENGTH |
Specifies the minimum length requirement for user passwords. |
requireMixedCase |
CLOUDBEAVER_POLICY_REQUIRE_MIXED_CASE |
Enforces the use of both uppercase and lowercase letters in passwords. |
minNumberCount |
CLOUDBEAVER_POLICY_MIN_NUMBER_COUNT |
Sets the minimum number of numeric characters required in passwords. |
minSymbolCount |
CLOUDBEAVER_POLICY_MIN_SYMBOL_COUNT |
Defines the minimum number of special symbols required in passwords. |
enableBruteForceProtection |
CLOUDBEAVER_BRUTE_FORCE_PROTECTION_ENABLED |
Enables brute force protection for login attempts. |
expiredAuthAttemptInfoTtl |
CLOUDBEAVER_EXPIRED_AUTH_ATTEMPT_INFO_TTL |
Time-to-live (TTL) for expired authentication attempt information (in minutes). |
maxFailedLogin |
CLOUDBEAVER_MAX_FAILED_LOGINS |
Maximum number of allowed failed login attempts before blocking access. |
minimumLoginTimeout |
CLOUDBEAVER_MINIMUM_LOGIN_TIMEOUT |
Minimum timeout duration (in minutes) before the next login attempt. |
blockLoginPeriod |
CLOUDBEAVER_BLOCK_PERIOD |
Period (in seconds) for which a login is blocked after maximum failed attempts. |
The configured password policy will be applied during password create and change processes. The CloudBeaver will check the entered passwords against the defined policy, and users will be prompted to update their passwords if they do not meet the specified requirements.
- Application overview
- Demo Server
- Administration
- Server configuration
- Create Connection
- Connection Templates Management
- Access Management
-
Authentication methods
-
Local Access Authentication
- Anonymous Access Configuration
- Reverse proxy header authentication
- LDAP
-
Single Sign On
-
SAML
-
OpenID
-
AWS OpenID
-
AWS SAML
-
AWS IAM
-
AWS OpenId via Okta
-
Snowflake SSO
-
Okta OpenId
-
Cognito OpenId
-
JWT authentication
-
Kerberos authentication
-
NTLM
-
Microsoft Entra ID authentication
-
Google authentication
-
Local Access Authentication
- User credentials storage
-
Cloud Explorer
-
Cloud storage
-
Query Manager
-
Drivers Management
- Supported databases
- Accessibility
- Keyboard shortcuts
- Features
- Server configuration
- CloudBeaver and Nginx
-
Domain manager
- Configuring HTTPS for Jetty server
- Product configuration parameters
- Command line parameters
- Local Preferences
- API
-
CloudBeaver Community
-
CloudBeaver AWS
-
CloudBeaver Enterprise
-
Deployment options
-
Development