Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.

Password Policy-Max repeated characters

Manpreet_Kaur
New Contributor II
New Contributor II

Dear Team

The regex used for the AD password policy is as below:

(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[~!@#%^&?]).{16,16}

Along with this, the attribute for Max repeated characters is updated as -2

However, at the time of generating the password- few passwords are not complying with the max repeated characters rule and generate password with 3 repeated characters as highlighted in the below screenshot.

Manpreet_Kaur_0-1693380400501.png

This is creating the change password in the pending state and hence the further tasks get into pending.

Regards

Manpreet Kaur

[This post has been edited by a moderator to mask any sensitive information]

8 REPLIES 8

vikasjv
Saviynt Employee
Saviynt Employee

Hi @Manpreet_Kaur ,

Request you to remove the Maximum Repeated Characters and keep only Regex.

Please test and let me know the result.


Regards,
Vikas J V

If this reply answers your question, please click the Accept As Solution button to help future users who may have a similar problem.

Hi @vikasjv 

Appreciate your time to review the issue as well as for your revert.

As suggested, the "Maximum Repeated Characters" has been changed to blank in the dev environment.

Post changing we still receive the repeated characters as 3- its a case 1 out of 10 or 12 passwords.

I have shared the screenshot of the passwords that have 3 repeated characters.

Regards,

Manpreet Kaur

 

Manpreet_Kaur_1-1693458765283.png

Manpreet_Kaur_0-1693458602952.png

Hi @Manpreet_Kaur ,

Request you to test with the below regex and set the maximum repeated characters to blank.

^(?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[~!@#%^&?])(^.{16}$)(?!(\w)\1\1).*$


Regards,

Vikas J V

If this reply answers your question, please click the Accept As Solution button to help future users who may have a similar problem.




Hi @vikasjv 

Thanks for coming up with the new resolution.

However, when applied this password policy it's not even generating the new password.

Regards

Manpreet Kaur

Try this Regex: ^([a-z]){4}([A-Z]){5}(\d){4}([~!@#%^&?]){3}$


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

Hi

Thanks for the revert. I changed the regex however, it didn't even generate a new password with the given regex.

Logs as below:

2023-10-06T14:26:33+08:00-ecm-services.RandomStringUtilsService-http-nio-8080-exec-87-DEBUG-Not able get matched string, need to add more logic to handle this regex: ^([a-z]){4}([A-Z]){5}(\d){4}([~!@#%^&?]){3}$
Regards
Manpreet Kaur

NageshK
Saviynt Employee
Saviynt Employee

@Manpreet_Kaur Can you please try this regex and see? You have to update the special characters list  according to your requirements. This regex was to prevent 2 or more consecutive repeated characters. However, we had observed that every now and then it does generate 2 consecutive repeated characters. Have not seen 3 consecutive repeated with our limited testing. Please try it in your setup and check for at least 25-30 occurences  

^(?=.{20,22}$)(?:([\w~!@#$%^&?])(?!\1))+$

Thanks

Nagesh K

Manpreet_Kaur
New Contributor II
New Contributor II

Hi @NageshK 

Thanks for taking out time & help in providing the appropriate regex.

This is working fine in Dev.

However, still we are testing in prod.

Regards

Manpreet Kaur