Keycloak Password Policy

This post describes how to configure a Password Policy in Keycloak.

What is a password policy?

A Password Policy is the set of restrictions and/or requirements that a user's password must satisfy so that the password is strong.

Keycloak configuration

Open the Keycloak admin console, open Authentication, and go to the Password Policy tab.

Click Add policy … to see the list of available password policies.

The Keycloak documentation on Password Policies is here.

  • Digits – minimum number of digits required
  • Special Characters – minimum number of special characters required
  • Expire Password – password expires after n days
  • Not Username – password must be different from the username
  • Minimum Length – minimum length of the password

The user experience should be improved.

Keycloak reports each policy violation separately, which is not user friendly: a user who breaks several rules at once learns about them one at a time.
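As an added illustration (not Keycloak's own code), the check below parses a policy string in the format Keycloak stores in the realm's passwordPolicy attribute and evaluates the five policies listed above together, so a form can show every unmet requirement in a single message. The policy string and the rule semantics (case-insensitive username comparison, any non-alphanumeric character counted as special) are assumptions for this example.

```python
import re

# Constructed example policy in Keycloak's "name(arg) and name" format.
EXAMPLE_POLICY = ("length(12) and digits(1) and specialChars(1) "
                  "and notUsername and forceExpiredPasswordChange(90)")

_TERM = re.compile(r"^\s*(\w+)(?:\((\d+)\))?\s*$")


def parse_policy(policy):
    """Split a policy string into (name, int or None) pairs."""
    terms = []
    for part in policy.split(" and "):
        m = _TERM.match(part)
        if not m:
            raise ValueError(f"cannot parse policy term: {part!r}")
        terms.append((m.group(1), int(m.group(2)) if m.group(2) else None))
    return terms


def check_password(password, username, policy=EXAMPLE_POLICY):
    """Return every violated policy at once instead of stopping at the first."""
    violations = []
    for name, arg in parse_policy(policy):
        if name == "length" and len(password) < arg:
            violations.append(f"at least {arg} characters")
        elif name == "digits" and sum(c.isdigit() for c in password) < arg:
            violations.append(f"at least {arg} digit(s)")
        elif name == "specialChars" and sum(not c.isalnum() for c in password) < arg:
            violations.append(f"at least {arg} special character(s)")
        elif name == "notUsername" and password.lower() == username.lower():
            violations.append("must differ from the username")
        # forceExpiredPasswordChange(n) limits password age, not content,
        # so it cannot be checked against the new value here.
    return violations


if __name__ == "__main__":
    print(check_password("alice", "Alice"))
```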

Use case: Admin resets password

Use case: User updates their password during login