appmsw-forbid-old-passwd
0
0
added salt in hash
To meet the requirements of section 8.2.5 PCI DSS "Prohibit the use of old passwords", a small application has been implemented that will be launched by the system when a user tries to change a password and check if it was used before.
If ZPM the current instance is not installed, then in one line you can install the latest version of ZPM.
zn "%SYS" d ##class(Security.SSLConfigs).Create("z") s r=##class(%Net.HttpRequest).%New(),r.Server="pm.community.intersystems.com",r.SSLConfiguration="z" d r.Get("/packages/zpm/latest/installer"),$system.OBJ.LoadStream(r.HttpResponse.Data,"c")
If ZPM is installed, then can be set with the command
zpm:USER>install appmsw-forbid-old-passwd
Make sure you have git and Docker desktop installed.
Clone/git pull the repo into any local directory
git clone https://github.com/SergeyMi37/appmsw-forbid-old-passwd
Open the terminal in this directory and run:
docker-compose build
docker-compose up -d
Open IRIS terminal:
docker-compose exec iris iris session iris
...
%SYS>set ss=##class(Security.System).%OpenId("SYSTEM")
%SYS>set ss.PasswordValidationRoutine="CHECK^PASSWORD"
%SYS>write ss.%Save()
1
Or add a parameter through the interface:
Password validation routine
added salt in hash
upd readme
update description
Initial Release