- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is there anyway to enforce password complexity using Splunk's native user/password authentication?
Specifically I am looking for:
- First time user logs in, they must change their password in Splunk's user screen
- Password must follow a minimum defined complexity (e.g. uppercase, lowercase, numbers, special chars and a certain length)
- After x months, user must change their password again
I realise that it can be done through SSO, LDAP integration etc. but I am looking for something within Splunk itself (or perhaps some kind of script) as none of these other mechanisms are an option for us right now.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content

At this time, we don't have plans to implement this kind of improvement in the native Splunk authentication mechanism. The best practice is to use LDAP authentication with Splunk.
I know you mentioned that LDAP is not an option, but it isn't that hard to set up and maintain OpenLDAP.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content

- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, i saw this is an old post but the question is the same, now in the new versions of Splunk is there an way to do this? or is in the path to do it?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content

At this time, we don't have plans to implement this kind of improvement in the native Splunk authentication mechanism. The best practice is to use LDAP authentication with Splunk.
I know you mentioned that LDAP is not an option, but it isn't that hard to set up and maintain OpenLDAP.
