cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Damoder Reddy <Damoder.Re...@citrix.com>
Subject Re: [PROPOSAL] Adding a plugin to check the password strength of all users
Date Mon, 21 Jul 2014 10:51:46 GMT
For the first part I am planning to add parameters to global settings.

But for the 2nd part I think it depends on where we are integrating this plugin.

To start with I will integrate it with abstract layer of Authenticator implementations and
we can override in the corresponding authenticator on need basis.  

Thanks
Damoder/

On 18-Jul-2014, at 10:28 pm, Demetrius Tsitrelis <Demetrius.Tsitrelis@citrix.com> wrote:

> So the plugin will show the strength AND it will enforce the strength when a user is
created or updates his password.  Will it be possible for an administrator to disable either
of these?
> 
> For both of those capabilities is the plugin's behavior configurable for different authentication
encoders?  That is, could I have one set of rules for the SHA256 authenticator and a different
set of rules for the MD5 authenticator?
> 
> -----Original Message-----
> From: Damoder Reddy [mailto:Damoder.Reddy@citrix.com] 
> Sent: Friday, July 18, 2014 9:13 AM
> To: dev@cloudstack.apache.org
> Subject: Re: [PROPOSAL] Adding a plugin to check the password strength of all users
> 
> Will show the strength of the password as well.
> 
> 
> On 18-Jul-2014, at 6:53 pm, Demetrius Tsitrelis <Demetrius.Tsitrelis@citrix.com>
wrote:
> 
>> Will the plugin merely show the strength of the password or will the plugin prevent
the use of weak passwords?
>> 
>> ________________________________________
>> From: Damoder Reddy [Damoder.Reddy@citrix.com]
>> Sent: Thursday, July 17, 2014 11:02 PM
>> To: dev@cloudstack.apache.org
>> Subject: [PROPOSAL] Adding a plugin to check the password strength of 
>> all users
>> 
>> Hi all,
>> 
>> I am thinking to add a plugin which enables to check the password strength of a user
while setting/resetting the password for that user.
>> why as a plugin because different companies may have a different rule sets to check
the password strength.
>> 
>> The default implementation will have the password strength calculation 
>> based on the following parameters 1. Length of the password 2. Number 
>> of Character Sets involved in the password defined. For ex, Upper Case Letter, Lower
Case letter, Digits and special character set.
>> 
>> Ay suggestions/Comments?
>> 
>> Thanks
>> Damoder
> 


Mime
View raw message