Hi, I have requirement for password and log-in session as below, Minimum length: 8 characters 220.127.116.11 Complexity: Must contain at least three of the following four characters: number, uppercase letter, lowercase letter, printable special character 18.104.22.168 History (reuse): > 6 passwords 22.214.171.124 Expiration: For all end-user accounts <= 90 days; privileged user accounts, including system administrators, 30 days; service account passwords must be changed at least annually 126.96.36.199 Failed login attempts: <= 6 attempts 188.8.131.52 Account lockout: Accounts must remain in locked status until manually unlocked by an administrator 184.108.40.206 Inactive application user sessions must be shut down after a defined period of inactivity – not to exceed 30 minutes. For systems that are subject to compliance with the PCI DSS, re-authentication is required when a session is idle for more than 15 minutes. Can someone suggest some good ways to implement these security check points for password and log-in session? Thank you.
Soumya Ranjan Bindhani
Here are some resources to get your started. In the future, instead of pasting your requirements here, please do some research yourself on Google, the Mendix Forum, and the Mendix App Store before posting here on the forum. Then let us know about what you've already done to attempt to solve the problem yourself. You're much more likely to get great help when you've shown some effort.