Thorn Tech Marketing Ad
Skip to main content
Version: 1.2.1

Overriding the Password Policy

TLDR

What: Customize the password requirements for StorageLink Web Users and Admin Users.

Config file: /opt/swiftgw/application.properties

Key settings: password.policy.require-upper, require-lower, require-digit, require-special, min-length, prevent-previously-used-password-count

Apply: sudo systemctl restart swiftgateway

Product: StorageLink by Thorn Technologies — cloud storage gateway for secure file sharing

Overview

StorageLink ships with a default password policy. By default it enforces a minimum length of 12 characters (maximum 72), blocks common passwords against a built-in word list, and prevents reuse of the last 5 passwords. The character-class requirements — uppercase, lowercase, digit, and special characters — are available but off by default; you turn them on with the properties below.

The Update Password form shows live green checkmarks for the length, word-list, and previously-used rules. Character-class rules are enforced server-side when the password is submitted, returning an error such as "must contain 1 or more special characters."

You override the default policy by editing application.properties on the VM.

When you'd override the policy

  • During a migration, to keep an existing password that doesn't meet the default policy.
  • To match your organization's own password requirements, whether stricter or more relaxed.

Override the default policy

The password policy is controlled by application properties. SSH into the StorageLink VM and edit this file:

/opt/swiftgw/application.properties

Add or change any of the following properties, setting the values you want:

password.policy.require-upper=true
password.policy.require-lower=true
password.policy.require-digit=true
password.policy.require-special=true
password.policy.required-upper-count=1
password.policy.required-lower-count=1
password.policy.required-digit-count=1
password.policy.required-special-count=1
password.policy.min-length=12
password.policy.prevent-previously-used-password-count=5
password.policy.word-file=classpath:100k-most-used-passwords-NCSC.txt
PropertyDefaultPurpose
password.policy.require-upperfalseRequire at least one uppercase letter
password.policy.require-lowerfalseRequire at least one lowercase letter
password.policy.require-digitfalseRequire at least one digit
password.policy.require-specialfalseRequire at least one special character
password.policy.required-*-count0How many of each class to require, once the matching require-* is on
password.policy.min-length12Minimum password length (maximum 72)
password.policy.prevent-previously-used-password-count5Block reuse of the last N passwords
password.policy.word-fileNCSC 100k listCommon-password blocklist
note

Out of the box, a password like mypassword1234 (lowercase and digits, 12+ characters) is accepted because the character-class rules are off by default. Set the relevant require-* properties to true to enforce complexity.

For example, to relax the policy during a migration, you might set:

password.policy.require-upper=false
password.policy.require-digit=false
password.policy.require-special=false
password.policy.min-length=6
tip

For help editing the file from the terminal, see Editing Files on Linux (nano & vi).

Apply your changes

After saving the file, restart the StorageLink service for the new policy to take effect:

sudo systemctl restart swiftgateway

The next time a user sets or changes their password, the Update Password form validates against your updated rules.