Application user password policy - OpenEdge 11.7.5

Posted by atuldalvi123 on 03-Feb-2020 11:22

Hello All,

We have a small application running for a long time and now we have a plan to set a new password policy for the application login user.

Do you have suggestions or any guidelines for this, or is there any in-built utility available in OpenEdge to validate the password?

What should be the strong password policy for the application user while creating or changing the password?

Regards,

Atul Dalvi

All Replies

Posted by gus bjorklund on 03-Feb-2020 16:16

best approach is to use several random words (of a language that suits the user) connected by some suitable character. example:

entropy-everyway-sound

complex passwords composed of random letters, numbers, and special characters are impossible to remember and hard to type correctly. this drives users to write them down on sticky notes attached to their screens.

making users change passwords every week is cruel and unusual punishment. once a year is enough.

(IMO)

Posted by ducity on 03-Feb-2020 23:36

to build on Gus's thoughts, setting a minimum length of 12 is better than one of 8.

Posted by gus bjorklund on 04-Feb-2020 17:10

or maybe at least three words

or whatever number floats the boat.

Posted by Patrick Tingen on 05-Feb-2020 08:16

Depending on your situation, but no password at all might also be a good solution. If your application runs on a Windows environment, you could use the userid from the Windows login to identify the user.

This thread is closed
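
The passphrase approach suggested in the replies, as an added example in Python (not code from the thread and not an OpenEdge utility): it generates a random-word passphrase and checks a candidate against a minimum length of 12 and at least three words. Applying both rules together, rejecting repeated words, the separator set and the sample word list are assumptions made for the example.

```python
import math
import re
import secrets

MIN_LENGTH = 12        # minimum length suggested in the thread
MIN_WORDS = 3          # "at least three words"
SEPARATORS = "-_.+ "   # assumed set of connecting characters

# Constructed sample list; a real word list needs thousands of entries.
SAMPLE_WORDS = ["entropy", "everyway", "sound", "harbor",
                "velvet", "copper", "lantern", "meadow"]


def generate_passphrase(words, count=MIN_WORDS, sep="-"):
    """Pick `count` distinct words with the OS CSPRNG and join them."""
    if count < MIN_WORDS:
        raise ValueError("use at least %d words" % MIN_WORDS)
    return sep.join(secrets.SystemRandom().sample(words, count))


def passphrase_entropy_bits(wordlist_size, count):
    """Bits of entropy for `count` distinct words drawn in order
    from a list of `wordlist_size` words."""
    return math.log2(math.perm(wordlist_size, count))


def check_password(candidate):
    """Return a list of policy violations; an empty list means accepted."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    pattern = "[%s]" % re.escape(SEPARATORS)
    words = [w for w in re.split(pattern, candidate) if w]
    if len(words) < MIN_WORDS:
        problems.append("fewer than %d words" % MIN_WORDS)
    elif len({w.lower() for w in words}) < len(words):
        problems.append("repeated word")
    return problems


if __name__ == "__main__":
    phrase = generate_passphrase(SAMPLE_WORDS)
    print(phrase, check_password(phrase))
    # The 8-word sample list gives very little entropy; compare a larger list.
    print(round(passphrase_entropy_bits(len(SAMPLE_WORDS), 3), 1), "bits (sample list)")
    print(round(passphrase_entropy_bits(7776, 3), 1), "bits (7776-word list)")
```

The entropy figure only holds when the words are chosen by the generator; a phrase the user picks themselves can pass the check and still be easy to guess.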