KCM Repository Administrator GuideAdminister KCM RepositoryAdministrative tasksConfigure the password policyConfigure a list of forbidden passwords

Configure a list of forbidden passwords

To prevent use of common passwords, the administrator can configure a list of passwords that will be rejected as a new password for a user.

  1. Create a .txt file with forbidden passwords, or download such a list from the Internet.
  2. Make sure each password is on its own line.
    The blacklisted passwords will be processed in a case-insensitive way: "password" in the blacklist will also block "Password", "PASSWORD", and "PassWord."

    The file must be named pwdblacklist.txt and must be in UTF-8 format, with a Byte Order Mark.

  3. Place the file in the KCM Repository configuration directory at: <deploy root>\KCM\Work\<version>\Instance_<num>\designer\Config

    When prompted to replace the existing pwdblacklist.txt, you can confirm the replacement. Alternatively, you can modify the existing file by appending your own list of passwords to it.

  4. Restart the KCM Repository Server after you finish changing this file.

A very large list of forbidden passwords may cause the first login and changing passwords to slow down after restart.