Class PasswordPolicy

java.lang.Object
com.iizix.passwordpolicy.PasswordPolicy

public class PasswordPolicy extends Object
Class used to handle password policies.
Author:
Christopher Mindus
  • Method Details

    • from

      public static PasswordPolicy from(PolicyProps settings)
      Creates the password policy based on pure defaults if the property container is null, otherwise based on those settings.
      Parameters:
      settings - The settings property container, or null for defaults.
      Returns:
      The password policy.
    • createAdminPolicyWithAdvancedEntropyChecking

      public static PasswordPolicy createAdminPolicyWithAdvancedEntropyChecking()
      Creates a password policy for administrators with its defaults, but with the addition of advanced entropy checking.
      Returns:
      The password policy.
    • generateStrongPassword

      public static String generateStrongPassword()
      Generates a new strong random password.
      Returns:
      The new strong password of minimum 10 characters meeting all the criteria for "difficult password", except history for the user's password policy.
    • check

      public String check(String password)
      Estimate password strength if it's OK, and if it is, null is returned.
      Parameters:
      password - The password to check.
      Returns:
      A potentially localized descriptive string with password problems, potentially with suggestions prefixed by "\n - " strings. Suggestions are only added if the password policy is configured for advanced passwords entropy checking. The return value is null if OK.
    • check

      public String check(String password, String suggestionsPrefix)
      Estimate password strength if it's OK, and if it is, null is returned.
      Parameters:
      password - The password to check.
      suggestionsPrefix - String used to prefix any potential suggestions. If null or empty string, "\n - " will be used.
      Returns:
      A potentially localized descriptive string with password problems, potentially with suggestions prefixed by suggestionsPrefix strings. Suggestions are only added if the password policy is configured for advanced passwords entropy checking. The return value is null if OK.
    • check

      public PasswordPolicyResult check(SessionInfo sessionInfo, String password)
      Estimate password strength if it's OK, and if it is, null is returned.
      Parameters:
      sessionInfo - The session information.
      password - The password to check.
      Returns:
      A potentially localized descriptive string with password problems, potentially with suggestions prefixed by suggestionsPrefix strings. Suggestions are only added if the password policy is configured for advanced passwords entropy checking.
    • getHistoryLength

      public int getHistoryLength()
      Gets the password history length.
      Returns:
      The length, zero for no history.
    • canChangePassword

      public boolean canChangePassword()
      Checks if the password can be changed or not.
      Returns:
      true for changeable, false for fixed.
    • mustChangePassword

      public boolean mustChangePassword()
      Checks if the password must be changed at next login.
      Returns:
      true for must change, false for not required.