You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Marcelo Lima (JIRA)" <ji...@apache.org> on 2017/09/19 20:22:00 UTC
[jira] [Created] (CLOUDSTACK-10082) Enforcing local password
policies
Marcelo Lima created CLOUDSTACK-10082:
-----------------------------------------
Summary: Enforcing local password policies
Key: CLOUDSTACK-10082
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10082
Project: CloudStack
Issue Type: New Feature
Security Level: Public (Anyone can view this level - this is the default.)
Components: API, Management Server
Reporter: Marcelo Lima
Priority: Minor
No matter how secure a user make your password initially, his will eventually choose her own password. Therefore, CloudStack should set account policies that define a secure password for access for GUI. Password policies are a subset of the policies configurable in Global Settings:
Enforce Password History
This sets how frequently old passwords can be reused. With this policy, you can discourage users from alternating between several common passwords.
Maximum Password Age
This determines how long users can keep a password before they have to change it, in days.
Minimum Password Age
This determines how long users must keep a password before they can change it, in days.
Minimum Password Length
This sets the minimum number of characters for a password
Passwords Must Meet Complexity Requirements
Passwords must have at least six characters.
Passwords can’t contain the user name or parts of the user’s full name, such as his first name.
Passwords must use at least three of the four available character types: lowercase letters, uppercase letters, numbers, and symbols.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)