Qlik Community

QlikView App Development

Discussion Board for collaboration related to QlikView App Development.

Announcements
QlikWorld 2020: Join us May 11 - 14, 2020 in Phoenix, AZ. Register early and save $400. Learn More
Highlighted
Partner
Partner

Can I restrict user password or give a warning for changing the password every 30 days?

Hi all,

For security, our company want me to set a warning for every user who needs to change their password every 30 days, and also want to restrict their password, like must more than 6 bit or must start with a capital word something like that.

I don't know whether I can do that in Qlikview Server or using js, if can, how to do that?

Thanks.

Aiolos Zhao

Tags (2)
1 Solution

Accepted Solutions

Re: Can I restrict user password or give a warning for changing the password every 30 days?

No you cannot. But that is new information so my previous replies do not apply to your situation  (it's always better to give those details from the start in your Original Post, makes discussions shorter and more to the point)

Custom directory operates its own list of user definitions which can only be managed from inside the QMC or from custom applications. You cannot mix Custom Directory with AD or any standard premission system like NTFS, simply because for example Custom Directory users do not exist in NTFS or AD. They only exist inside QlikView.

Actually, I think you answered your own question here (last sentence): Re: Can I restrict user password or give a warning for changing the password every 30 days?

You should indeed talk to your web developer. One big advantage of a system like Custom Directory is that you can extend it yourself. However, to do that you'll need someone with web programming experience, like you said yourself.

Custom Directory users are defined in an xml file called C:\ProgramData\QlikTech\DirectoryServiceConnector\CustomDirectoryData.xml. There is no tag that stores the timestamp of definition or last password change, but that can be compensated by either requesting password changes on a fixed date (for example, every first of the month) or by storing password expiry dates in a new xml file and letting the login page handle the data from these two.

Best,

Peter

View solution in original post

12 Replies

Re: Can I restrict user password or give a warning for changing the password every 30 days?

Even Qlikview i also don't know. But by help of Javascript it is possible.

Can you start searching on JS Validation for form in html

Before develop something, think If placed (The Right information | To the right people | At the Right time | In the Right place | With the Right context)
Partner
Partner

Re: Can I restrict user password or give a warning for changing the password every 30 days?

Thanks for reply, so do you mean I can change or add js script on login page?

Re: Can I restrict user password or give a warning for changing the password every 30 days?

Would you mind, Can you share your login file and path where this situated in (please hide username)

And then Look Attachment

Before develop something, think If placed (The Right information | To the right people | At the Right time | In the Right place | With the Right context)
Partner
Partner

Re: Can I restrict user password or give a warning for changing the password every 30 days?

Hi Anil,

Thank you so much for your script.

But I'm not familiar with the PHP, and don't know how to use it...

And the login file you mentioned, do you mean the session file of my qlikview server?

could you please give an example for that?

Thanks

Aiolos

Re: Can I restrict user password or give a warning for changing the password every 30 days?

In fact, I am not familiar with Server end. I am fully into design anyway, for understand, I am expecting Access point custom Login.html page`(Figure it out, Usually they used as base the default "C:\Program Files\QlikView\Web" folder to create the folder for Login)

I am referring the same one.

Before develop something, think If placed (The Right information | To the right people | At the Right time | In the Right place | With the Right context)
MVP
MVP

Re: Can I restrict user password or give a warning for changing the password every 30 days?

I assume you are using USERID/PASSWORD for opening QV documents. There is no support for password policy enforcement for the Qlikview USERID. This is only suitable for the most elementary security scenarios. You could possibly build your own policy enforcement outside of Qlikview, although the passwords will still go over the network in plain text.

Are your users on a Windows domain? You would be better off using NTNAME rather than UserID. Then you can enforce password policies through Active Directory and the passwords will not be visible anywhere and will not be sent in plain text over the network.

Logic will get you from a to b. Imagination will take you everywhere. - A Einstein
Partner
Partner

Re: Can I restrict user password or give a warning for changing the password every 30 days?

Hi Jonathan,

Thanks for reply. I'm using the NTNAME to do the section access, but I'm using the Custom Directory, not AD.

And yes, we are on Windows domain.

So maybe I only can try to do it from outside, so do you mean I need to use js or web method to restrict it when I login?


Thanks

Aiolos

Partner
Partner

Re: Can I restrict user password or give a warning for changing the password every 30 days?

Yes, actually I change the login.html, but only for the UI, like font color. But I don't know whether I can restrict the password when I do the login.

Anyway maybe I need to ask our web developer, thanks!

Re: Can I restrict user password or give a warning for changing the password every 30 days?

No

Typically you don't do this in QlikView or on the QlikView server or in JavaScript or wherever.

Since you are using AD to authenticate your users, you need to configure AD in such a way that

  • Passwords expire after a preset period of time, and Windows itself will inform your users when they try to log into the domain, that their password has expired and needs to be changed.
  • Group policies are configured to restrict the length, type and reuse of passwords according to you company policy.

You should talk to your SysAdmin about this.

Peter