Wednesday, August 12, 2015

Sitecore User Password Policy Configurations

Today, one of my colleagues had an issue when trying to log in to a Sitecore backend. Initially, we thought the issue was a configuration mismatch. But later, one of our colleagues found that we could log in to the Sitecore backend using another user (not the Admin user).

We finally came to the conclusion that the issue was with the password policy. Since this was a little bit new to me, I thought of taking a deeper look at it.

The following Sitecore document provides a few configurations that can be used:

Configure password policy - doc.sitecore.net

And the following document describes Sitecore security:

Sitecore Security - doc.sitecore.net

In the above document, Sitecore mentions the following points, which help us understand and extend how this works:

Sitecore uses the .NET security engine, which offers several advantages:
  • A variety of plug-and-play features provided directly by Microsoft.
  • An abstraction from the real data source.
  • The option to replace or extend the default configuration with custom providers.
  • The performance speed of a pure ASP.NET solution.
  • The possibility of keeping the accounts in identifiable storage areas by using several providers simultaneously.


So, the following are a few more configurations that we can use to control the password policies of our Sitecore instance. They are attributes of the ASP.NET membership provider:


minRequiredPasswordLength="<int>"
minRequiredNonalphanumericCharacters="<int>"
requiresQuestionAndAnswer="<bool>"
requiresUniqueEmail="<bool>"
maxInvalidPasswordAttempts="<int>"
passwordAttemptWindow="<int>"
enablePasswordRetrieval="<bool>"
passwordFormat="Encrypted"
passwordStrengthRegularExpression="<RegularExpression>"


https://msdn.microsoft.com/en-us/library/system.web.security.membership_properties%28v=vs.110%29.aspx
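
As an added example (not code from Sitecore or from the original post), the script below reads a web.config and reports membership provider settings that weaken the password policy, using the attributes listed above. The sample configuration is constructed, and the `MIN_LENGTH` and `MAX_ATTEMPTS` thresholds are assumptions to replace with your own policy.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like the <membership> section of a web.config.
# Provider name, connection string and values are made up for illustration.
SAMPLE_WEB_CONFIG = """<configuration><system.web>
  <membership defaultProvider="sql"><providers>
    <add name="sql" type="System.Web.Security.SqlMembershipProvider"
         connectionStringName="core"
         minRequiredPasswordLength="1"
         minRequiredNonalphanumericCharacters="0"
         maxInvalidPasswordAttempts="256"
         enablePasswordRetrieval="true"
         passwordFormat="Encrypted" />
  </providers></membership>
</system.web></configuration>"""

# Assumed baseline for this example, not a Sitecore or Microsoft recommendation.
MIN_LENGTH = 12
MAX_ATTEMPTS = 10

def audit_membership(xml_text):
    """Return (provider, attribute, finding) tuples for weak settings."""
    findings = []
    for add in ET.fromstring(xml_text).findall(".//membership/providers/add"):
        if "SqlMembershipProvider" not in add.get("type", ""):
            continue  # only the SQL membership provider is audited here
        name = add.get("name", "?")
        # Absent attributes fall back to the SqlMembershipProvider defaults.
        length = int(add.get("minRequiredPasswordLength", "7"))
        attempts = int(add.get("maxInvalidPasswordAttempts", "5"))
        retrieval = add.get("enablePasswordRetrieval", "false").lower() == "true"
        fmt = add.get("passwordFormat", "Hashed")
        if length < MIN_LENGTH:
            findings.append((name, "minRequiredPasswordLength", f"{length} < {MIN_LENGTH}"))
        if attempts > MAX_ATTEMPTS:
            findings.append((name, "maxInvalidPasswordAttempts", f"{attempts} > {MAX_ATTEMPTS}"))
        if retrieval:
            findings.append((name, "enablePasswordRetrieval", "passwords are recoverable"))
        if fmt != "Hashed":
            findings.append((name, "passwordFormat", f"{fmt} is not one-way"))
        if not add.get("passwordStrengthRegularExpression"):
            findings.append((name, "passwordStrengthRegularExpression", "no pattern set"))
    return findings

if __name__ == "__main__":
    for provider, attr, why in audit_membership(SAMPLE_WEB_CONFIG):
        print(f"[{provider}] {attr}: {why}")
```

With `passwordFormat="Hashed"` the provider requires `enablePasswordRetrieval="false"`, so those two findings are fixed together.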

Hope this helps.. :-)

