Override SFTP password policy

Overview

SFTP Gateway v3.x comes with a default password policy for SFTP users.

You can override this default password policy by adding entries to the application.properties file.

Problem statement

SFTP Gateway v3.x comes with a default password policy for SFTP users.

During a migration, you may want to use an existing password that doesn't conform to this default password policy.

Or, you might need to set a different password policy for SFTP users that conforms to your organization's requirements.

Override the default policy

You can override the default password policy for SFTP users.

Edit the file /opt/sftpgw/application.properties

You can add any of the following properties, setting the appropriate value:

password.policy.required-upper-count=1
password.policy.required-digit-count=1
password.policy.required-lower-count=1
password.policy.required-special-count=1
password.policy.require-digit=false
password.policy.require-lower=false
password.policy.require-special=false
password.policy.require-upper=false
password.policy.min-length=12
password.policy.max-length=128
password.policy.suggested-length=20
password.policy.prohibit-passwords-in-word-file=true
password.policy.word-file="classpath:/100k-most-used-passwords-NCSC.txt";
password.policy.prevent-previously-used-password-count=5
password.policy.allowed-special-characters=!"#$%&'()*+,-./:;<=>?@[\]^_`{|}~

To apply your changes, restart the Java service:

sudo service sftpgw-admin-api restart