AnsweredAssumed Answered

Advanced Password Policies using SHA-1 dictionaries

Question asked by ruhgo01 Employee on Aug 16, 2018
Latest reply on Aug 16, 2018 by David_Macedo

Dear CA SSO-Team,

we want to strengthen the security of our CA IDM / CA SSO environment by introducing advanced password policies.


We want to utilize a dictionary of real world passwords previously exposed in data breaches. These real exposed passwords are supplied by as a ZIP file containing the SHA-1 hashes of passwords.


Which ways exist to implement this in CA IDM and/or CA SSO?


In additon we want to exclude some characters like underscores "_" and colons ":" in passwords.


Kind regards,