Function for Checking Passwords

When a user password is set using the command

user withLogin login set password

or a new user is created specifying the password using

user create login newuser defaultGroup testers password herPassword

the Content Management Server executes the passwordPolicyCheck Tcl procedure. If a new user is created in the GUI, he can only login after a password has been given to him by means of the corresponding dialog or Tcl procedure.

In this procedure, administrators can implement the rules passwords must obey and reject inacceptable passwords using error {error message}. The error message is then displayed in the Tcl shell and in the GUI. The procedure is not executed for passwords that have already been assigned.

A sample implementation can be found in the file share/script/cm/serverCmds/passwordPolicyCheck.tcl which can be found in the CMS directory. It rejects passwords whose length is less than 4 characters:

proc passwordPolicyCheck {password} {
  if {[string length $password] < 4}  {
    error "Das Passwort ist zu kurz. / The password is too short."