Enforcing Password Complexity in Quality Center

  • KM1153624
  • 13-May-2011
  • 27-Oct-2020

Summary

QC does not include a mechanism to check password complexity therefore a workflow solution can be used

Question

Quality Center (QC) does not include a mechanism to check password complexity therefore a workflow solution can be used

Answer

1) Add the following Site Configuration parameter

DISABLE_PASSWORD_OTA_ENCRYPTION = Y

2) Secure the Customization>Workflow so the code can not be altered

  • Click Tools>Customize>Groups
  • Select the Group(s)>Administration
  • Uncheck "Setup Workflow"

3) Implement the following workflow code

Note: this code is purely a suggestion. Changes can be made to adjust the complexity. See the comments in the below code to make these adjustments

'Password Complexity Workflow for QC
'
Function CanLogin(DomainName, ProjectName, UserName)
  On Error Resume Next
  Set td = TDConnection
  strCurrentPassword = td.password
     If PasswordComplexity(strCurrentPassword) = False Then
        sValueOld= InputBox("Your current Password does not meet minimum complexity requirements" & vbcrlf & vbcrlf & "You must change your password now" & vbcrlf & vbcrlf & "Enter Old Password")
        sValueNew= InputBox("Enter New password")
        If PasswordComplexity(sValueNew) = False Then
           MsgBox "Password Complexity does not meet minimum requirments" & vbcrlf & vbcrlf & "You'll now be disconnected"
           CanLogin = False
        Else
            td.changepassword sValueOld,sValueNew
            CanLogin = True
        End If
     End If
  'CanLogin = DefaultRes
  On Error GoTo 0
End Function

Function PasswordComplexity(strValue)
  Dim intMinLength
  Dim bolChangePassword
  Dim intCountA
  Dim intCountB
  Dim strLetter
  Dim strCurrentPassword

  Dim intUCaseMin
  Dim intLCaseMin
  Dim unNScharMin

  Dim intUCaseCount
  Dim intLCaseCount
  Dim inNSCharCount

  intUCaseMin = 1  'set this value to specify the minimum number of upper case characters required in a password
  intLCaseMin = 1  'set this value to specify the minimum number of lower case characters required in a password
  intNScharMin = 1 'set this value to specify the minimum number of numbers AND special characters (symbols) required in a password
  intMinLength = 1 'set this value to specify the minimum number of total characters required in a password


  intUCaseCount = 0
  intLCaseCount = 0
  intNSCharCount = 0
  bolChangePassword = False


  If Len(strValue) < intMinLength  then bolChangePassword = True
     msgbox "enter loop"
     For intCountB = 1 to Len(strValue)
         strLetter = Mid(strValue,intCountB,1)
         'Check for upper case characters
         For intCountA = 65 to 90 'check for letters A thru Z inclusive (upper case)
             If strLetter = chr(intCountA) Then
                intUCaseCount = intUCaseCount + 1
             End If
         Next
         'Check for lower case characters
         For intCountA = 97 to 122 'check for letters a thru z inclusive (lower case)
             If strLetter = chr(intCountA) Then
                intLCaseCount = intLCaseCount + 1
             End If
         Next
         'Check for numbers
         For intCountA = 48 to 57 'check for numbers 0 thru 9 inclusive
             If strLetter = chr(intCountA) Then
                intNSCharCount = intNSCharCount + 1
             End If
         Next
         'Check for special
         For intCountA = 33 to 41 'check for special characters shift 0 thru shift 9 inclusive
             If strLetter = chr(intCountA) Then
                intNSCharCount = intNSCharCount + 1
             End If
             'check for custom special
             If strLetter = chr(43) then intNSCharCount = intNSCharCount + 1 'check for "+"
             If strLetter = chr(45) then intNSCharCount = intNSCharCount + 1 'check for "-"
             If strLetter = chr(61) then intNSCharCount = intNSCharCount + 1 'check for "="
             If strLetter = chr(95) then intNSCharCount = intNSCharCount + 1 'check for "_"
         Next
     Next
     If intUCaseCount < intUCaseMin or intLCaseCount < intLCaseMin or intNSCharCount < intNScharMin or bolChangePassword = True Then
        bolComplexityMet = False
     Else
        bolComplexityMet = True
     End If
     PasswordComplexity = bolComplexityMet
End Function