Password-based authentication

Plain-text password-based authentication is stateless. After a password is correctly set, access is granted for indefinite time periods. Passwords can be up to 1024 characters in length. To enforce password strength and existence requirements, set the server security level. See Server security levels for details. Plain-text password based authentication is supported only at security levels 1, and 2.

Tip

If the security level is above 0 and your organization has only one user with the super access levelClosed A permission assigned to a user to control which commands the user can run. See also the 'protections' entry in this glossary and the 'p4 protect' command in the Helix Core Command-Line (P4) Reference., make sure that this user has a valid password before setting the dm.user.setinitialpasswd configurable to 0. Otherwise that user will not be able to log in to the server.

The default minimum password length is eight characters. Minimum password length is configurable by setting the dm.password.minlength configurable. For example, to require passwords to be at least 16 characters in length, a superuser can run:

$ p4 configure set dm.password.minlength=16

To require users to change their passwords after a specified interval, assign your users to at least one group and set the PasswordTimeout: value for that group. For users in multiple groups, the largest defined PasswordTimeout (including unlimited, but ignoring unset) value applies.

The p4 admin resetpassword command forces specified users with existing passwords to change their passwords before they can run another command. (This command works only for users whose authMethod is set to perforce. However, you can use it in a mixed environment, that is an environment in which both Helix Core Server-based and LDAP-based authentication are enabled.)