Is it possible to setup password rules for users with NavUserPassword?

pdjpdj Posts: 637Member

I have a client using the WebClient for non-employees. They are therefore created in NAV as users with NavUserPassword to avoid having them created in the Active Directory. So far so good.

Now they would like to setup different rules regarding their password - just like their AD users.
* Block login after X invalid attempts
* Password should be at least X chars and include special chars etc.

I guess it might be possible to solve the first requirement by reading in the event log of the NAV server, and search for failed logins. But it will not be a very nice solution - can it be done in a better way?
The only way to solve no. 2, is by trying to brute-force the password. Or do you have a better suggestion?

My only other suggestion, is to create them in the AD, but the client would like to avoid that.

Best Answer


  • pdjpdj Posts: 637Member
    Thanks, it seems I can customize the password strength criteria in Codeunit 9801 ValidateKeyStrength(). I didn't even check as I was sure it was checked by the run-time.

    But I still doubt I can catch invalid login attempts in C/AL, or does anyone have any idea to do that?
Sign In or Register to comment.