cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rafael Weingärtner (JIRA) <>
Subject [jira] [Updated] (CLOUDSTACK-10082) Enforcing local password policies
Date Mon, 02 Oct 2017 15:08:00 GMT


Rafael Weingärtner updated CLOUDSTACK-10082:
    Priority: Major  (was: Minor)

> Enforcing local password policies
> ---------------------------------
>                 Key: CLOUDSTACK-10082
>                 URL:
>             Project: CloudStack
>          Issue Type: New Feature
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: API, Management Server
>            Reporter: Marcelo Lima
> No matter how secure a user make your password initially, his will eventually choose
her own password. Therefore, CloudStack should set account policies that define a secure password
for access for GUI. Password policies are a subset of the policies configurable in Global
> Enforce Password History
> This sets how frequently old passwords can be reused. With this policy, you can discourage
users from alternating between several common passwords.
> Maximum Password Age
> This determines how long users can keep a password before they have to change it, in
> Minimum Password Age
> This determines how long users must keep a password before they can change it, in days.
> Minimum Password Length
> This sets the minimum number of characters for a password
> Passwords Must Meet Complexity Requirements
>    - Passwords must have at least six characters.
>    - Passwords can’t contain the user name or parts of the user’s full name, such
as his first name.
>    - Passwords must use at least three of the four available character types: lowercase
letters, uppercase letters, numbers, and symbols.

This message was sent by Atlassian JIRA

View raw message