IBM Sterling Ideas

formerly Watson Supply Chain

Submit new product ideas for IBM Sterling solutions. Before you submit, please review existing ideas; if an idea close to yours already exists, it's better to add comments or vote on the existing idea. We will review your ideas and use them to help prioritize our product development. Best of all, the portal will automatically update you when the status of your idea has been changed. Order Management, Store Engagement, Watson Order Optimizer, Inventory Visibility, CPQ and Call Center are now part of Watson Supply Chain

Connect with IBM experts and your peers on the Supply Chain Collaboration Community and the Order Management Interest Group

Enhancing the Password Policy

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Apr 10 2019
  • Needs review
How will this idea be used?

Our security mandates the following password policy:

1. Special Characters
2. Must be at least 14 characters long
3. Must be at least 48 characters long
4. 1 Upper Case Characters
5. 1 Lower Case Characters
6. 1 Numeric Characters
7. Must not contain the User ID
8. Must not contain FirstName
9. Must not contain LastName

#1,2,3 we can achieve with the existing password policy scheme.
#4,5,6 we can achieve by adding custom password policy
#7,8 and 9 are the GAP. I am creating this enhancement request to add this functionality in the product. Ideally, all can be done through UI without any customization/custom password policy. Also, we have been using Generate Password REST API to generate the password but unfortunately it is not generating the password to match the specific password policy criteria. When checking the site, some other customer has already created an idea for the same: I strongly think we have to revisit the whole User Login / Password story as a whole such as lockout policy or audit requirements etc.,

If users forgot their password, administrators can reset the password, but that password need to be changed and should be forced, there should be an option in the password policy to choose the option. There was another idea associated with this requirement:

These really sound basic functionalities any of our customers looking for in the product...additionally adding them into the product will help them to meet the more demanding security requirements.

What is your industry? Aerospace & Defense
What is the idea priority? Urgent
DeveloperWorks ID
Link to original RFE
  • Attach files
  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    April 10, 2019 21:00

    Please add max Password length to 80-100. Some customers want stricter rules. Current 28 character length seems too small.

  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    April 17, 2019 08:49

    Your new password restrictions are TOTALLY ridiculous.  Makes you want to rethink the whole Sterling account we have.