Тема: Password Policy
Hello,
I do like to suggest the implementation of a password policy for users access. The current possibility of creating any simple password combination is leading to unauthorized access and possible tampering.
Вы не вошли. Пожалуйста, войдите или зарегистрируйтесь.
Hello,
I do like to suggest the implementation of a password policy for users access. The current possibility of creating any simple password combination is leading to unauthorized access and possible tampering.
It's really simple. You can assign to a user any password you like and then disable the option Can change password for this user.
Besiades, do not forget about access rights. If you don't want something to be tempered with, deny access to it.
Yeah sure, this way it is achievable. But there are some clients with strict corporate security policy who do want to change their password and at the same time want the system enforce their users comply and create strong passwords.
This is a process issue in my opinion. You can have the user test the password that they want to use in a password analyzer to validate the strength of the password to ensure it is strong.
Do you let users set their own passwords ?
Alternatively in a future update of hosting this password strength checking could be implemented or a partner may want to develop an add on that does this.
Yeah I allow users to change their password
pleaaaase no implementation of a mandantory "minimum 8 letters, one special character, one big character, one number, change password every 3 month, dont use old password"
You wount make your endcustomers happy.
I would like to have 2 factor auth (like the google authenticator). that is cool and easy (but of cause only for those who would like to use such a tool)
Wolf.