cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Demetrius Tsitrelis <>
Subject Blacklists for passwords
Date Tue, 21 Jan 2014 19:04:47 GMT

CloudStack does not enforce complexity rules for user passwords even in its built-in user
database. For some accounts in particular, such as the root domain admin, it would seem a
good idea to have some minimum requirements.  Empty passwords, for example, should not be
allowed. What do you think about having a blacklist of
unacceptable passwords (e.g., “password”, “admin”, etc.) for the rood domain admin?

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message