A password dictionary is a list of words or characters that you can upload to your IdentityNow site. You can configure your password policies to prevent your users from setting new passwords that contain words or characters in this dictionary.
Using a password dictionary involves two high-level steps:
And where <countryCode> is the 2-letter ISO 3166-1 Code for the country.
You'll need to include the locale string for the language you're planning on using in your password dictionary if you're using a language other than English. If you don't add a locale string, the password dictionary will automatically use the locale string for English, shown here:
Using multiple locale strings is not supported.
3. Under the locale string, add a list of words to this file. Your list must have the following characteristics:
It must be a .txt file.
Each line containing a prohibited word or character must be only a single word of any length, with no spaces or whitespace characters.
The file must contain no more than 2,500 lines of prohibited words.
It must contain at least 1 line.
Each line should be no more than 128 characters long.
All characters in this file must be UTF-8 characters.
Lines that consist of only whitespace will be ignored by SailPoint's API.
Lines that start with a # will be treated as comments.
All words in this password dictionary are case-insensitive, so adding the word "password" to your list of prohibited words will also disallow the words "PASSWORD," "Password," and "PassWord."
The password dictionary uses substring matching, so adding the word "spring" to your list of prohibited words will also disallow “Spring124”, “345SprinG”, and "8spring".
4. Upload the file containing your list of prohibited words to SailPoint's password dictionary API.