Security

Native Password Complexity in Splunk

pj
Contributor

Is there anyway to enforce password complexity using Splunk's native user/password authentication?

Specifically I am looking for:

  1. First time user logs in, they must change their password in Splunk's user screen
  2. Password must follow a minimum defined complexity (e.g. uppercase, lowercase, numbers, special chars and a certain length)
  3. After x months, user must change their password again

I realise that it can be done through SSO, LDAP integration etc. but I am looking for something within Splunk itself (or perhaps some kind of script) as none of these other mechanisms are an option for us right now.

Tags (1)
1 Solution

araitz
Splunk Employee
Splunk Employee

At this time, we don't have plans to implement this kind of improvement in the native Splunk authentication mechanism. The best practice is to use LDAP authentication with Splunk.

I know you mentioned that LDAP is not an option, but it isn't that hard to set up and maintain OpenLDAP.

View solution in original post

israelgutierrez
Path Finder

Hi, i saw this is an old post but the question is the same, now in the new versions of Splunk is there an way to do this? or is in the path to do it?

0 Karma

araitz
Splunk Employee
Splunk Employee

At this time, we don't have plans to implement this kind of improvement in the native Splunk authentication mechanism. The best practice is to use LDAP authentication with Splunk.

I know you mentioned that LDAP is not an option, but it isn't that hard to set up and maintain OpenLDAP.

View solution in original post

Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!