If the system setting PasswordPolicy is set to Custom, the stored procedure specified by the system setting PasswordPolicyFulfillsPolicyProcedure is called when a user changes their password.
This procedure can then accept the password, or reject the password and provide a reason why.
Users are not allowed to change to a password that violates the policy, but the policy can be bypassed by passing @EnforcePasswordPolicy = 0 when calling SoftadminApi.User_InsertUpdate or SoftadminApi.User_UpdatePassword.
If you need to log password changes, use PreUpdatePasswordProcedure instead.
CREATE OR ALTER PROCEDURE CustomPasswordPolicy
    @Password nvarchar(200),
    @LanguageId int,
    @UserId int = NULL,
    @FulfillsPolicyOut int OUTPUT,
    @ReasonOut nvarchar(255) OUTPUT
AS
BEGIN
    -- Look up the user name. If @UserId is NULL, @Username is NULL as well.
    DECLARE @Username nvarchar(50) = (
        SELECT Username
        FROM SoftadminApi.[User]
        WHERE UserId = @UserId);

    -- Check if the password contains the user name.
    -- CHARINDEX compares using the input collation, so case sensitivity follows
    -- the collation in effect. With a NULL @Username it returns NULL and the
    -- check is skipped.
    IF CHARINDEX(@Username, @Password) > 0
    BEGIN
        SELECT
            @FulfillsPolicyOut = 0, -- Policy not fulfilled
            @ReasonOut = 'Password must not contain your user name.';
        RETURN;
    END;

    -- Password is allowed.
    SELECT
        @FulfillsPolicyOut = 1,
        @ReasonOut = NULL;
END;
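
A fuller policy procedure with the same parameter list, as an added example that is not Softadmin's own code: it adds a minimum length, a user name check that does not depend on the database collation, and a deny-list lookup. The procedure name, the table dbo.DeniedPassword, the minimum length of 12 and the @LanguageId value in the test call are assumptions.

```sql
-- Added example, not Softadmin's own code. Hypothetical: the procedure name,
-- the table dbo.DeniedPassword and the minimum length of 12.
CREATE TABLE dbo.DeniedPassword ([Password] nvarchar(200) NOT NULL PRIMARY KEY);
GO
CREATE OR ALTER PROCEDURE CustomPasswordPolicyExtended
    @Password nvarchar(200),
    @LanguageId int,
    @UserId int = NULL,
    @FulfillsPolicyOut int OUTPUT,
    @ReasonOut nvarchar(255) OUTPUT
AS
BEGIN
    SET NOCOUNT ON;
    -- Start from "rejected" so every early RETURN fails closed.
    SELECT @FulfillsPolicyOut = 0, @ReasonOut = NULL;

    -- LEN ignores trailing spaces, so padding does not count.
    IF @Password IS NULL OR LEN(@Password) < 12
    BEGIN
        SET @ReasonOut = 'Password must be at least 12 characters long.';
        RETURN;
    END;

    DECLARE @Username nvarchar(50) = (
        SELECT Username FROM SoftadminApi.[User] WHERE UserId = @UserId);
    -- Explicit collation: case- and accent-insensitive whatever the database
    -- default is. A NULL user name makes CHARINDEX return NULL (check skipped).
    IF CHARINDEX(@Username COLLATE Latin1_General_CI_AI,
                 @Password COLLATE Latin1_General_CI_AI) > 0
    BEGIN
        SET @ReasonOut = 'Password must not contain your user name.';
        RETURN;
    END;

    IF EXISTS (SELECT 1 FROM dbo.DeniedPassword
               WHERE [Password] = @Password COLLATE Latin1_General_CI_AI)
    BEGIN
        SET @ReasonOut = 'Password is on the list of disallowed passwords.';
        RETURN;
    END;

    SELECT @FulfillsPolicyOut = 1, @ReasonOut = NULL; -- Password is allowed.
END;
GO
-- Constructed test call: a 10-character password, no @UserId.
DECLARE @Ok int, @Reason nvarchar(255);
EXEC CustomPasswordPolicyExtended @Password = N'Summer2024', @LanguageId = 1,
    @FulfillsPolicyOut = @Ok OUTPUT, @ReasonOut = @Reason OUTPUT;
SELECT @Ok AS FulfillsPolicy, @Reason AS Reason;
```

Like the procedure above, this returns English reasons regardless of @LanguageId. Callers that pass @EnforcePasswordPolicy = 0 skip these checks, so they do not replace auditing of such calls.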