cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Marcelo Lima (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CLOUDSTACK-10082) Enforcing local password policies
Date Tue, 19 Sep 2017 20:22:00 GMT
Marcelo Lima created CLOUDSTACK-10082:
-----------------------------------------

             Summary: Enforcing local password policies
                 Key: CLOUDSTACK-10082
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10082
             Project: CloudStack
          Issue Type: New Feature
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: API, Management Server
            Reporter: Marcelo Lima
            Priority: Minor


No matter how secure a user make your password initially, his will eventually choose her own
password. Therefore, CloudStack should set account policies that define a secure password
for access for GUI. Password policies are a subset of the policies configurable in Global
Settings:

Enforce Password History
This sets how frequently old passwords can be reused. With this policy, you can discourage
users from alternating between several common passwords.

Maximum Password Age
This determines how long users can keep a password before they have to change it, in days.

Minimum Password Age
This determines how long users must keep a password before they can change it, in days.

Minimum Password Length
This sets the minimum number of characters for a password

Passwords Must Meet Complexity Requirements
    Passwords must have at least six characters.
    Passwords can’t contain the user name or parts of the user’s full name, such as his
first name.
    Passwords must use at least three of the four available character types: lowercase letters,
uppercase letters, numbers, and symbols.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message