About Nexus IQ

Hi Team,
We are using Nexus IQ 1.155.0.-01 licensed edition (on-premises)
I have few questions regarding configuring below settings as part of Nexus IQ;

  1. Does Nexus IQ authentication support enforcing of minimum password length (=>12 characters), password complexity requirements (1 uppercase, 1 lowercase, Digits, Special characters etc), password filters (avoid commonly used password type), change password upon first login, minimum password age (Enforce password change at least once every 365 days) and password reuse (Prohibit password reuse for a minimum of three generations) settings ?

  2. Does Nexus IQ has any settings to enforce account lock out threshold, disable inactive users, allow only 1 active session per user ?

  3. Would like to know the location of the settings/configurations nexus iq to enforce cryptographic algorithm to encrypt passwords using SHA512 hash algorithm with Salt ?
    (Is this algorithm settings defined on server side or can be seen from the nexus iq UI ? If yes please share the location where to find the same.)

Regards,
Azeem

Our recommendation is to use an external authentication system (LDAP or SAML) if you require advanced features like the ones you’ve listed:

https://help.sonatype.com/display/NXIQ/LDAP+Integration
https://help.sonatype.com/display/NXIQ/SAML+Integration

Regards,

Rich

Hi @rseddon ,

Just wanted to add on to this query, since the Nexus IQ server ships with the default admin account, what is the encryption algorithm used by IQ server to store this password locally in the server? Any reference link where we can find this information? Thank you

Regards,
Xander