...
it is the plugins responsibility to declare the bean that is implementing the above interface with in that plugin. Please refer (1) to know how to add a new plugin to cloudstack
Currently The integration points are at plugins those implement UserAuthenticator wile encoding a given password.
...
<bean id="SHA256SaltedUserAuthenticator" class="com.cloud.server.auth.SHA256SaltedUserAuthenticator">
<property name="name" value="SHA256SALT"/>
<property name="passwordCheckers" value="#{passwordCheckersRegistry.registered}"/>
</bean>
cloudstack gives the following default plugin to support password checker which gets registered with Extension Registry.
plugins/security/password-checker.
It has the following bean declaration in spring-password-checker.xml
<bean id="passwordChecker" class="org.apache.cloudstack.security.password.PasswordCheckerImpl">
<property name="name" value="DEFAULTPASSWORDCHECKER"/>
<!-- Comment any of the below sections you want modify if you are having requirements which are differing with default values -->
<!-- property name="minLength" value="8"/ -->
<!-- property name="maxLength" value="16"/ -->
<!-- property name="passwordCheckerPropertiesFile" value="password-checker.properties"/ -->
</bean>
It has the following property file to change the password strength rules.
The password strength is calculated based on the following algorithm: