PPE Not Enforcing Custom Dictionary

Russell · July 8, 2025, 3:39pm

I have a client testing PPE and has noticed an issue testing their policy and it not picking up the dictionary being used,

I have also tested this in my environment and can replicate the same result.

In the screenshot below, using the default dictionary that comes with the platform, a testing a user against the policy you can see the word was identified and rejected.

However, when using a custom dictionary the disallowed entry is not detected and the user is able to set a password.

I can confirm the custom dictionary has blank entries at the start and end of the file.

I have tested in an older version 11.0.4.17 (need to update and test in current)

The client is using 11.0.5.5

Can you verify if this is this a potential bug??

Regards,
Russell

rpiddocke · July 8, 2025, 3:44pm

The terms also must be all caps. Please use the sort function in the dictionary rule and try again.

Russell · July 8, 2025, 4:15pm

Hi Robert,

Thanks for the fast response, adding all the entries in uppercase and sorting via the rule resolved the issue in my tests.

I will pass this info back to the client so they can test.

This thread can be closed resolved.

Regards,
Russell

Topic		Replies	Views
Building a custom dictionary Show & Tell	0	26	April 11, 2025
Does EPE on NTP have the option to monitor for a specific set of passwords, and alert on when they are used? Discussions & Questions threat-prevention , enterprise-password-enforcer	4	64	May 16, 2025
Patch Version 11.0.4.17 Released News password-policy-enforcer , announcement , release-patch	0	137	April 24, 2025
Patch Version 11.0.3.20 Released News password-policy-enforcer	0	164	March 25, 2025
Custom Account Lockout alert not working Discussions & Questions auditor , lockout , alerts	4	29	July 8, 2025

PPE Not Enforcing Custom Dictionary

Related topics