Password Policy Structure

A structure defines the policy used to generate the password.

Password Policy Structure
Name	Type	Description
defaultPasswordAllowed	Boolean	Indicates if client application is allowed to use default password for the data Vault. If this is set to TRUE and if client application uses default password then minLength, hasDigits, hasUpper, hasLower and hasSpecial parameters in the policy are ignored.
minimumLength	Integer	The minimum length of the password.
hasDigits	Boolean	Indicates if the password must contain digits.
hasUpper	Boolean	Indicates if the password must contain uppercase characters.
hasLower	Boolean	Indicates if the password must contain lowercase characters.
hasSpecial	Boolean	Indicates if the password must contain special characters. The set of special characters is: “~!@#$%^&*()-+”.
expirationDays	Integer	Specifies password expiry days from the date of setting the password. 0 indicates no expiry.
minUniqueChars	Integer	The minimum number of unique characters in the password. For example, if length is 5 and minUniqueChars is 4 then “aaate” or “ababa” would be invalid passwords. Instead, “aaord” would be a valid password.
lockTimeout	Integer	The timeout value (in seconds) after which the vault will be locked from the unlock time. 0 indicates no timeout. This value overrides the value set by setLockTimeout method.
retryLimit	Integer	The number of failed unlock attempts after which data vault is deleted. 0 indicates no retry limit. This value overrides the value set by the setRetryLimit method.

Settings for Password Policy

The client applications uses these settings to fill the PasswordPolicy structure. The default values are used by the data vault when no policy is configured. The defaults are also used in Sybase Control Center in the default template. The Sybase Unwired Platform administrator can modify these settings through Sybase Control Center. The application must set the password policy for the data vault with the administrative (or alternative) settings.

Note: Setting the password policy locks the vault. The password policy is enforced when unlock is called (because the password is not saved, calling unlock is the only time that the policy can be evaluated).

PROP_DEF_PWDPOLICY_ENABLED – Boolean property with a default value of false. Indicates if a password policy is enabled by the administrator.
PROP_DEF_PWDPOLICY_DEFAULT_PASSWORD_ALLOWED – Boolean property with a default value of false. Indicates if the client application is allowed to use the default password for the data vault.
PROP_DEF_PWDPOLICY_MIN_LENGTH – Integer property with a default value of 0. Defines the minimum length for the password.
PROP_DEF_PWDPOLICY_HAS_DIGITS – Boolean property with a default value of false. Indicates if the password must contain digits.
PROP_DEF_PWDPOLICY_HAS_UPPER – Boolean property with a default value of false. Indicates if the password must contain at least one uppercase character.
PROP_DEF_PWDPOLICY_HAS_LOWER – Boolean property with a default value of false. Indicates if the password must contain at least one lowercase character.
PROP_DEF_PWDPOLICY_HAS_SPECIAL – Boolean property with a default value of false. Indicates if the password must contain at least one special character. A special character is a character in this set “~!@#$%^&*()-+”.
PROP_DEF_PWDPOLICY_EXPIRATION_DAYS – Integer property with a default value of 0. Specifies the number of days in which password will expire from the date of setting the password. Password expiration is checked only when the vault is unlocked.
PROP_DEF_PWDPOLICY_MIN_UNIQUE_CHARS – Integer property with a default value of 0. Specifies minimum number of unique characters in the password. For example, if minimum length is 5 and minUniqueChars is 4 then “aaate” or “ababa” would be invalid passwords. Instead, “aaord” would be a valid password.
PROP_DEF_PWDPOLICY_LOCK_TIMEOUT – Integer property with a default value of 0. Specifies timeout value (in seconds) after which the vault is locked from the unlock time. 0 indicates no timeout.
PROP_DEF_PWDPOLICY_RETRY_LIMIT – Integer property with a default value of 0. Specifies the number of failed unlock attempts after which data vault is deleted. 0 indicates no retry limit.