Using deny lists in the Identity Store

In the SecureAuth Identity Store, use a deny list to define words, fragments of words, and symbols not allowed in a user password. The keyword in the deny list applies to all or part of a password.

ids_deny_list_001.png

You can add keywords manually, one at at time, or do a bulk upload using a CSV file.

After you set up your deny lists, you attach them to a password policy. You can have more than one deny list in a password policy.

ids_deny_list_002.png

Deny list CSV file upload requirements

There is no file size limit or limit on the number of keywords you can upload. The CSV file format can be a single line with keywords separated by a comma like the following:

Example CSV format with comma-separated values in one cell

123456,123456789,qwerty,password,1111111,12345678,abc123,1234567,password1,12345,1234567890,123123,000000

Alternatively, you can have a CSV file with keywords in a single column like the following:

Example CSV format with comma-separated values in one column

2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020

Adding keywords to a deny list

  1. Open the SecureAuth Identity Store in any of the following ways:

    • Get a URL link from your administrator to the Identity Store UI.

    • In the SecureAuth Identity Platform, on the left side of the page, click Identity Store.

  2. In the Identity Store, on the left side of the page, click Deny Lists.

  3. Do one of the following:

    • To add a new deny list, click New Deny List and give it a name.

    • To edit a deny list, click the name of the deny list to edit.

  4. Do one of the following:

    • To add a single keyword, in the Add keyword to Deny List field, type the keyword and click Add.

    • To bulk upload many keywords, click Upload CSV, select the file and click Open.

  5. Save your changes.

Next steps

In the password policy, include the deny lists you want to enforce for user logins.

In this section: